ByMgRs Posted July 20, 2016 Posted July 20, 2016 Hey all! This is going to be a question more aimed at web designers/anyone who are knowledgeable about CORS. I wanted to have a look into developing a simple webpage that I could use to update settings on my R1 such as changing Strict mode, radius and ping etc. I tried simply using a jQuery ajax request which I expected would fail. As a response I received: XMLHttpRequest cannot load http://R1ipwouldbehere/cgi-bin/update_distance.sh. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access. The response had HTTP status code 501. So i attempted to add a access-control-allow-origin header with no luck, see my code below: var xhr = new XMLHttpRequest(); xhr.open('GET', 'http://R1ipwouldbehere/cgi-bin/update_distance.sh'); xhr.setRequestHeader('Access-Control-Allow-Origin', '192.168.0.18'); xhr.onreadystatechange = function () { if (this.status == 200 && this.readyState == 4) { console.log('response: ' + this.responseText); } }; xhr.send(); Any suggestions on how to use CORS?
Netduma Staff Netduma Crossy Posted July 20, 2016 Netduma Staff Posted July 20, 2016 The header has to be added server side. If the page is just for you then you could use a chrome extension such as this to add the header. If you do use that extension, apply the rules carefully as if done incorrectly it could potentially be a security hole in your browser.
ByMgRs Posted July 22, 2016 Author Posted July 22, 2016 Thanks Crossy! I suppose this would not be the correct way to go about making a program accessible by all then? I know I need to go and do some digging but do you know how other apps such as the non-official iPhone app were made?
Netduma Staff Netduma Crossy Posted July 22, 2016 Netduma Staff Posted July 22, 2016 Thanks Crossy! I suppose this would not be the correct way to go about making a program accessible by all then? I know I need to go and do some digging but do you know how other apps such as the non-official iPhone app were made? One possible way to have it accessible is be to make it into a browser extension that adds the header and also shows the options page you are making - then it's all in done one. It's the browser which doesn't allow you to receive the response from the request. So if you make the request through something that isn't a browser e.g. desktop application or mobile application then it's fine.
Recommended Posts
Archived
This topic is now archived and is closed to further replies.