What could cause cross-domain-policy not to work?
Question
I was trying to communicate with a site on another domain. I'm using javascript(xhr) to communicate. I have created a crossdomain.xml with open access from all domains and added it to the root of the domain I want to communicate to. I can even access the file by pasting it's link in the address bar. But I still get the same error on chrome console
Origin xxxxxxxx.com is not allowed by Access-Control-Allow-Origin.
what could possible be the reason. Is there anything I'm overlooking?
3 answers
solution1
0 2012-01-31 15:33:03
what do you mean "with open access from all domains and added it to the root of the domain I want to communicate to"?
xhrs cannot hit other domains unless you use CORS .
You can access the file in the browser because it's not using an xhr when you type the URL in the address bar.
solution2
0 ACCPTED 2012-01-31 15:34:29
crossdomain.xml is a Flash thing, but your error message appears to be related to CORS.
You need to configure your server to send suitable HTTP response headers (and handle preflight OPTIONS requests) as per the specification
solution3
0 2012-01-31 15:37:38
Using CORS means having all responses from the server return
"Access-Control-Allow-Origin" ":" origin-list-or-null | "*"
for example
"Access-Control-Allow-Origin:*"
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.