I am developing applications using Angular and the client side is 100% JS. I am about to replace an old application made using ExtJS but I will not change the server-side. Only the client-side be re-coded from scratch.
I would like to work on this project from anywhere and any machine but I need to be able to perform cross-domain AJAX queries with the original server (server-side is ASP.NET MVC with IIS and I don't want to install Windows + everything on all the computers I use). Is there a way to do this easily?
Thanks for your ideas!
PS: JsonP is not a solution for me.
Couple of things:
At the end of the day you have to enable CORS in your server.
You can use a CORS proxy https://github.com/gr2m/CORS-Proxy for development. This proxy will actually change the request header of X-Origin which browsers even can but "won't" because of policy. So you will be able to make Cross Origin Requests.
If neither JSONP nor CORS are availble to you as options then you will have to take help of server side scripting.
You can create a method in your server side code and get the response from desired cross domain url and return the response to your javascript function.
You can use CORS (Cross Origin Resource Sharing)
Related
i am making a application by using REST API. the api provide me data but browser block for CORS policy. is it possible solve the issue from client side. or need to work at serve. i have try some nodejs package like cors-anywhere but still having issue
It is not possible to solve for good, because it is handled by server to control the origin request (The origin of the request(client) and the server must be in the same origin). But while you are developing you can use cors chrome extension, it will allow you to make the requests.
Chome extension.
Hope it helps.
I'm trying to make a webservice call from an html page to the server using XmlHttpRequest. What is the easiest way to get around the cross-domain issue without using a proxy? The remote server takes XML as the request and the response is also in XML. I have access to the server (IIS). I'll need to do GET and POST across the domains. Here's what I've researched so far -
Crossdomain.xml
CORS
JSONP
Is Crossdomain only for for flash players and stuff? CORS kind of seems hard to implement for BOTH client and server. Can JSONP be used for POST?
Thanks for any help.
Edit: I'm trying to run this on a smart device.
It depends on the version of IIS you are using.
At this URL, http://enable-cors.org/ they describe the solutions which you can take to enable Cross Domain access.
For example calling a Data Service www.abc.com/Service from www.zzz.com can be done by enabling a cross domain protocol.
Note that the method for configuring IIS6 and IIS7 / 8 are different.
I'm trying to use a SOAP-webservice from javascript.
Both the server and client are in the same LAN and i control both.
when i try to send a request i get:
XMLHttpRequest cannot load .
Origin is not allowed by Access-Control-Allow-Origin.
this is probably because of cross-origin-scripting?
I would like to fix this on the server side.
that means: adding extra headers on outgoing messages:
Access-Control-Allow-Origin: *
how can I add these response headers?
I'm using Netbeans to manage the web service in Glassfish
There is a hint in the error message. The server running on a different host needs to return the Access-contol-allow-origin header and possibly also Access-control-include-credential.
Note that this only works in newer browsers, so if there are older browsers in your network, you may need to lookk at something like proxying or using eadyXDM.
Btw, use "cross origin" instead of cross site scripting". Cross site scripting is a vulnerability, and using this term makes the question a bit confusing.
I'm trying to access a SOAP web service on another server using ajax but I'm getting an Access Control Allow Origin error. The web service returns XML so JSONP can't be used and the web service is also being used in another app so modifications is probably the last option. Any solutions?
If you can't do JSONP, then your options are:
Craete a server proxy at the domain of the page that can fetch the desired result from the other domain and relay it to you from the allowed domain.
If you're willing to limit your browser support to some modern browsers, then you can investigate Cross Origin Resource Sharing (CORS) which is a "safer" way to do cross-domain requests. You can read about it here.
Cross-domain ajax support via Flash which requires the placement of an appropriate cross-domain policy file on the host of the server you want to access. See here and here for some more info.
You can set up a server proxy at the domain of the page.
This page would then call the soap web-service and give you back the response.
This page can then be called via ajax from ui.
Found the probably most easiest way by using Ajaxpro 2, of course it's meant for .NET. http://www.ajaxpro.info/
otherwise, jfriend00's suggestions are the next best options.
Is there a way without using a server proxy to perform a cross domain GET or POST request?
If you are with only the current day browsers and have control over the external domain, you can use Cross-Origin Resource Sharing [CORS]
Most people do not have that luxury so you either have to use JSON with Padding [JSONP] or you need to use a serverside proxy.
As far as I know, there is no way to make a cross-domain request in JS, but you could just query your server and make the request from there.
Edit: as Russ Cam said above, look into JSONP.
Using YQL is an easy way of doing cross domain ajax. You can specify to have a JSON or XML object returned. IBM has a good tutorial: http://www.ibm.com/developerworks/web/library/wa-aj-jsonp2/index.html
Though just search for yql cross domain and it'll bring up numerous tutorials.
You could use Flash. Flash allows you to make a cross-domain request to another server provided that it serves a Flash cross-domain policy file (an XML file). So you will need administrative access to the other server in order to set that up.
If you think this option might be what you're looking for or you want to do SSL/TLS cross-domain, check out the opensource Forge project:
http://github.com/digitalbazaar/forge/blob/master/README
AJAX Cross Domain is a low-cost library that allows to perform cross-domain AJAX requests. http://www.ajax-cross-domain.com/