CORS on localhost to test an app?

Question

I'm trying test an app on browser. The problem is that my webservice is it in localhost also and when I try execute some request to the webservice does returns of CORS exception says same origin policy. Looking for solutions I found a way to disable CORS on Firefox executing this way: about:config -> security.fileuri.strict_origin_policy -> false but doesn't works.

How could I solve this ?

I created the webservice with CakePHP.

CakePHP webservice function

/** do login in app */
public function doLogin(){            
            $this->autoRender = false;
            $this->response->header('Access-Control-Allow-Origin', '*');
            $this->response->type('json');                
            $retorno = array("email"=>"me@gmail.com", "senha"=>"senha");            
            return json_encode($retorno);
}

Tried add in beforeRender of controller also

public function beforeRender() {
            header("Access-Control-Allow-Origin: *");
            parent::beforeRender();
        }

AngularJS

var app = angular.module("starter");

app.service("UserLoginAPI", function($http, AppConstants, Base64){
    this.doLogin = function(User){
        var _url = "http://localhost/AppPanel/users/doLogin.json";
        var _authdata = Base64.encode(User.email + ':' + User.senha);

        var _headers = {
                'Authorization': 'Basic ' + _authdata,
                'Accept': 'application/json; charset=utf-8',
                'Content-Type': 'application/json; charset=utf-8'               
            };

        return $http({
            method: 'POST',             
            url: _url,              
            headers: _headers               
            });         

    };
});

There is more to CORS than a single header ... see http://stackoverflow.com/a/9866124/1175966 for pure php solution. Likely will find cake integrations also with some searching. Important to make sure you are handling OPTIONS requests — charlietfl, Nov 13 '15 at 03:01
Also your `post` is set up incorrectly. The posted data should be second argument and the config object should have `headers` as a property — charlietfl, Nov 13 '15 at 03:06
@charlietfl ups, I posted the return of post wrong. now is ok. If I execute on device does works fine but on browser not because CORS — FernandoPaiva, Nov 13 '15 at 03:46

score 1 · Accepted Answer · answered Nov 14 '15 at 01:57

1

Solved the problem. I added these parameters in Chrome shortcut and now works fine. --args --allow-file-access-from-files --disable-web-security

answered Nov 14 '15 at 01:57

FernandoPaiva

4,410
13
59
118

CORS on localhost to test an app?

1 Answers1