-1

A web server runs on my local network. Let's say on: http://192.168.1.12

When I visit this url with a browser, it's working fine.

When I visit this url with curl (zsh), it's working too:

curl -s "http://192.168.1.12/"

But when I try with javascript with XMLHttpRequest:

var x = new XMLHttpRequest();
x.open("GET", "http://192.168.1.12/", true);
x.send(null);

it fails (error message translated): CORS header "Access-Control-Allow-Origin" is missing.

I cannot modify the server behavior, but I think I don't need to because it's working with curl. What should I add to my javascript code to make it work?

Papa doc
  • 179
  • 2
  • 11

1 Answers1

-1

If you can’t modify your server behavior you are toast. Modern web browsers Implement security check over cross origin. You cannot call a server from another domain without proper CORS (Access-Control-Allow-Origin header Has to be present in the server http response). This is a backend mistake. Also if you REALLY need to continue to work with it, you can install extension on your browser that deactivate CORS security but I don’t recommend it.

Mickaël Boidin
  • 134
  • 3