No 'Access-Control-Allow-Origin' header is present on the requested resource

824 views
Skip to first unread message

Abhilash Sathe

unread,
Nov 7, 2016, 6:32:17 AM11/7/16
to Polymer

XMLHttpRequest cannot load http://serverthati'mrequesting.com?id=1. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. I used CORS add on in chrome and then it works. But otherwise it doesn't. How can I fix this? I'm using node js server. polymer-cli tools.


<iron-ajax

        id="requestRepos"

        headers='{"Accept": "*/*"}'


        url="http://serverthati'mrequesting.com"

        params="{{requestParams}}"

        handle-as="json"

        on-response="handleResponse" ></iron-ajax>

Daniel Llewellyn

unread,
Nov 7, 2016, 9:16:54 AM11/7/16
to Abhilash Sathe, Polymer
On Mon, 7 Nov 2016 at 11:32 Abhilash Sathe <abhila...@gmail.com> wrote:

XMLHttpRequest cannot load http://serverthati'mrequesting.com?id=1. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8080' is therefore not allowed access. I used CORS add on in chrome and then it works. But otherwise it doesn't. How can I fix this? I'm using node js server. polymer-cli tools.


The server that is hosting your javascript and html imports (serverthati'mrequesting.com per your example) needs to add the HTTP header (the domain-name in your example should be "localhost"):

Access-Control-Allow-Origin: <domain-name of your site>

OR to allow everyone to use those assets:

Access-Control-Allow-Origin: *

The actual configuration of your server is probably beyond the scope of this list. If "serverthati'mrequesting.com" is running Apache then you can find documentation here: https://httpd.apache.org/docs/current/mod/mod_headers.html#header Which suggests to add into your server config a line similar to (for your example):

Header add Allow-Access-Control-Origin localhost

Daniel Llewellyn

unread,
Nov 7, 2016, 9:18:36 AM11/7/16
to Abhilash Sathe, Polymer


On Mon, 7 Nov 2016 at 14:16 Daniel Llewellyn <dan...@bowlhat.net> wrote:
Header add Allow-Access-Control-Origin localhost

I mistyped the header name here. It should be "Access-Control-Allow-Origin". Sorry :-) 

Abhilash Sathe

unread,
Nov 7, 2016, 9:28:08 AM11/7/16
to Polymer, abhila...@gmail.com
Yes, it's an Apache Tomcat server. So, I guess, I'll need to add the the Allow CORS tag snippet in that.
Reply all
Reply to author
Forward
0 new messages