0

I'm developing a web app with AngularJS. It consists in an admin interface that rely on an json-rpc API that resides on another domain.

In my local enviroment, if I make a Request (with AngularJS) to API server I get the error "Origin http://localhost:8080 is not allowed by Access-Control-Allow-Origin" in my console Browser".

I've read the limit of modern browsers to blocking the request to another domain, but.... if there is no solution... Do I need to create my web service (with one backend language: es: PHP or Python) that make requests to API web server and then make the AngularJS request to this?

Why I need another "web server" in the middle of my application infrastructure?

Thanks in advance. F.

Update: I've read about crossdomain.xml file here: http://www.adobe.com/devnet/adobe-media-server/articles/cross-domain-xml-for-streaming.html

Does it could be, in someway, the solution of my problem?

Fabrizio A
  • 3,072
  • 5
  • 24
  • 35
  • 1
    https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS – pablochan Jan 24 '15 at 00:04
  • Thanks, I've read the docs you posted. After a google search I've found https://support.zabbix.com/browse/ZBX-8459 I need to consume those API and... I don't understand if it is possible with any configuration of HEADER request from AngularJS (XMLRequest). Thanks a lot for any suggestion. – Fabrizio A Jan 24 '15 at 10:46

2 Answers2

3

Because server must send headers with CORS enabled when responding to ajax requests. Something like:

'Access-Control-Allow-Origin', '*'

'Access-Control-Allow-Credentials', true

'Access-Control-Allow-Methods', 'POST, GET, PUT, DELETE, OPTIONS'

'Access-Control-Allow-Headers', 'Content-Type'

But read more about CORS to protect your server. Current internet browsers checks for these headers when You are sending ajax communication. It is for security reasons.

Mati
  • 2,476
  • 2
  • 17
  • 24
1

Having a web server is always an option, but if you want to stay on the client, consider using JSONP. Read about it here: What is JSONP all about?

Community
  • 1
  • 1
Shomz
  • 37,421
  • 4
  • 57
  • 85
  • Jsonp is compatible with this json-rpc api https://www.zabbix.com/documentation/2.2/manual/api ? – Fabrizio A Jan 24 '15 at 00:18
  • Ops... Actually my Zabbix API version is 2.2. Here the explanation: https://support.zabbix.com/plugins/servlet/mobile#issue/ZBX-8459 – Fabrizio A Jan 24 '15 at 00:30
  • but the issue is for OPTION method.... with POST method can I make my requests? Thanks for any suggestion and sorry... I'm a newbie to AngularJS ad frontend development. – Fabrizio A Jan 24 '15 at 00:34
  • Hmm, sorry, I've never seen this before and the docs are less than clear. Perhaps you should update your question or open a new one, with all the Zabbix info included. – Shomz Jan 24 '15 at 00:38