0

I have a controller with service that would get the json from other server and i came to this

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http:somesite.com. This can be fixed by moving the resource to the same domain or enabling CORS.

I notice that some of the same issue would be fix by "Access-Control-Allow-Origin": "*" in header my in my case I don't see any progress on fixing it.

this the code for my controller :

var myApp = angular.module('cplanner',[]);

myApp.controller('GetItemCtrl', ['$scope', '$http', function($scope, $http) {

    var itemUrl = 'http:somesite.com';

    //console.log(itemUrl);
    $http({url: itemUrl,
    dataType: 'json',
    method: 'POST',
    dataType : 'json',
    headers: {
       "Access-Control-Allow-Origin": "*",
       "Access-Control-Allow-Methods": "POST, GET, OPTIONS, PATCH, DELETE",
       "Access-Control-Allow-Headers": "Origin, X-Requested-With, Content-Type, Accept"
    },
    xhrFields: {
        withCredentials: true
    }}).success(function(data, status, headers, config) {
        //check if the response has ok status
        if(data.status == "ok"){
        console.log(data.data);
            $scope.items = data.data;
        }


        }).error(function(data, status, headers, config) {


    });

}]);

I added the header but it seem not to fix my cross origin issue. Could anyone drive me by any comments and suggestion on how am i able to get the response from another server source. thank you in advance.

Improve this question

2 Answers 2

Reset to default
2

CORS is a server solution - that is - the first request a web client (JS) sends to a different domain (hence cross domain) is an OPTIONS request - which is replied by the origin server with weather or not it respect cross domain requests, if so it answers:

   "Access-Control-Allow-Origin": "*",
   "Access-Control-Allow-Methods": "POST, GET, OPTIONS, PATCH, DELETE",
   "Access-Control-Allow-Headers": "Origin, X-Requested-With, Content-Type, Accept"

Then the browser sends another request - the actual request that was meant to be sent. This whole mechanism takes place automatically. All you have to do is enabling CORS on your server. To enable CORS, here are some useful links:
ASP.NET WEBAPI
APACHE

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

CORS is something that has to be enabled on the server. If you don't have access to that server you probably won't be able to do what you were hoping. If you do have access you'll need to read up on how to enable it for whatever language the api was written in :)

See here for more info: CORS request is not allowed with AngularJS

Improve this answer

6 Comments

I see, but i dont have access to my server, is it possible doing this in htaccess?
@caffeineshots can you use JSONP or something else? Do you mean htaccess on your web server or the api server?
htaccess in my local folder, would it help? I don't want to use jsonp for some reason.
@caffeineshots no, its a server setting that has to be done on the server providing the API. You could try calling the API from your server and then providing the same data from your own API to your client if they allow that (proxying their API)
I see.the thing is my client wanted just to click the index.html file and see the result. do you have any idea what will be my workaround in that case?
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.