0

I'm trying to implement a login service on a Web app using Sencha Touch. I already have a REST service working properly (I can test it using chomr extension Dev HTTP Client).

Now, the request is an Ajax request after doing some research, I've found out that cross-domain requests are protected, according to CORS. I modified my Ajax client, adding:

useDefaultXhrHeader: false

when constructing the Ajax request, and I added to the headers:

Access-Control-Allow-Headers: x-requested-with
Access-Control-Allow-Origin: *

in my response.

Still using the Dev HTTP Client, I can now see my headers correctly set in the response. But, in my app, I keep getting the error:

No 'Access-Control-Allow-Origin' header is present on the requested resource

If I use the --disable-web-security parameter when launching Chrome, everything works as it should, headers are sent (or at least, they are not blocked anymore by Chrome), but obviously, this is not the proper way to do it.

Can someone help me out on this?

Fenhryl
  • 1
  • 1
  • Have you read [this post](http://stackoverflow.com/questions/20035101/no-access-control-allow-origin-header-is-present-on-the-requested-resource-w)? It sounds like it's more a problem with the headers on your server than with Sencha Touch. – arthurakay Apr 02 '14 at 14:51

1 Answers1

0

Please follow the link http://enable-cors.org/server_apache.html and enable cors on your server. You client ajax request is correct but you still need enable cors on the server.

Kathir
  • 6,136
  • 8
  • 36
  • 67