access-control-allow-origin not working
Question
I'm integrating the API system into my website, however I got this message from Google chrome's console: XMLHttpRequest cannot load https://api.mysocialsync.com/ . Origin https://www.mysocialsync.com is not allowed by Access-Control-Allow-Origin.
Now luckely I know what that error means and I tried to solve it (also with help of other stackoverflow pages) but none of the solutions worked, even
header("access-control-allow-origin: *");
didn't do the trick.
I'm out of idea's unfortunatly, I hope there is someone here who has an solution to this.
My server is running PHP5 with suhosin.
1 answers
solution1
4 ACCPTED 2011-12-16 17:10:11
It's not your website that should be sending the Access-Control-Allow-Origin header, but the website you are requesting (ie the MySocialSync API). If the header would work the way you think it does, you could eg read a user's private Facebook messages and do other nasty cross-site data requests.
I'd recommend contacting the API creators to have them add the header.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.