cancel
Showing results for 
Search instead for 
Did you mean: 

CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Highlighted

Re: CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Hello,

I have to subdomains like http://static.domain.com/pub/static/
http://media.domain.com/pub/media/

and your source code work perfectly for http://static.domain.com/pub/static/ but for http://media.domain.com/pub/media/ in browser not showing css content icons and Access-Control-Allow-Origin "*" not showing in browser like that subdomain.

Please help me solve it !

Thank you !

Highlighted

Re: CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

This is happening because of the CORS (Cross Origin Resource Sharing) error. This error occurs when you try to access a domain/resource from another domain. You cannot issue requests through the XMLHttpRequest to other domains or subdomains. For example, if you are doing something like writing HTML and Javascript in a code editor on your personal computer, and testing the output in your browser, you might probably get error messages about Cross Origin Requests .

 

JSONP ( JSON with Padding ) is a method commonly used to bypass the cross-domain policies in web browsers.

 

If this is for local development and you are using Chrome , you need to run Chrome with a couple of arguments to relax security like this:

 

"C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --allow-file-access-from-files --disable-web-security

If you need to enable CORS on the server in case of localhost, you need to have the following on request header.

 

Access-Control-Allow-Origin: http://localhost:9999

The other easy way out, would be to create a proxy on your local server, which gets the remote request and then just forwards it back to your javascript.