I need to send an AJAX request from a github.io domain and get a response. My problem is that CORS is always returning that the server does not have the origin header. I am unable and will not change the server. I need some way around CORS that does not require a proxy. Since PHP cannot be hosted on GitHub.
Asked
Active
Viewed 263 times
1
-
If the destination server doesn't provide the headers or a JSONP based solution, you are basically asking for a security flaw in CORS. – Derek May 20 '16 at 16:54
-
@Derek How can I find out if it supports JSONP or not? I have the source of the server here. https://github.com/Cvolton/GMDprivateServer/blob/master/getGJUserInfo20.php – Nexrem May 20 '16 at 17:44
-
A JSONP service would call a callback function with the result as parameter (see https://en.wikipedia.org/wiki/JSONP). Your server does not provide this. – Derek May 20 '16 at 18:55
-
@Derek So any way around it then? I'm able to make requests using NodeJS. I want some way to communicate with that server from my page. – Nexrem May 20 '16 at 19:01
-
1No, you can't. It is a security feature. In order to make cross-origin calls from javascript in a browser, the server has to give its permission. – Derek May 20 '16 at 19:21
-
@DerekI'm currently doing it with a php proxy but want to find a better way. I know it's a security feature, although not a good one. I know that flash and python for instance do not error out because of CORS. – Nexrem May 20 '16 at 23:43
-
Possible duplicate of [Ways to circumvent the same-origin policy](http://stackoverflow.com/questions/3076414/ways-to-circumvent-the-same-origin-policy) – Derek May 23 '16 at 12:40
-
Here is a list of solutions to work around these limitations, but as you can see none of these can do miracles for your use case : http://stackoverflow.com/questions/3076414/ways-to-circumvent-the-same-origin-policy – Derek May 23 '16 at 12:42