Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at

Question

I tried using a web app that would access h20 flow using REST API routes and when I tried to delete a frame (it would delete the frame after predicting), this happens:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://139.59.249.87:54321/3/Frames/1i3uso. (Reason: CORS header 'Access-Control-Allow-Origin' missing).

I'm using ruby rails in order to build the web app. Any advice? I used this route: DELETE /3/Frames/{frame_id} and this coffee script is used:

deleteUploadFrame = (frame_id) ->
$.ajax
url: "http://139.59.249.87:54321/3/Frames/#{frame_id}"
method: 'DELETE'

This is the error:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://139.59.249.87:54321/3/Frames/1i3uso. (Reason: CORS header 'Access-Control-Allow-Origin' missing).

What should I do for this?

score -1 · Answer 1 · answered Jul 19 '16 at 09:31

-1

Add these lines to application controller. This will fix your problem.

   after_filter :cors_set_access_control_headers

  def cors_set_access_control_headers
    headers['Access-Control-Allow-Origin'] = '*'
    headers['Access-Control-Allow-Methods'] = 'POST, PUT, DELETE, GET, OPTIONS'
    headers['Access-Control-Request-Method'] = '*'
    headers['Access-Control-Allow-Headers'] = 'Origin, X-Requested-With, Content-Type, Accept, Authorization'
  end

answered Jul 19 '16 at 09:31

sohail khalil

750
9
24

It still is producing the same error. My web app is running on a different domain to the H20 flow server – Etsio Jul 19 '16 at 09:39

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at

1 Answers1

Linked