Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3412
Views
2
Helpful
5
Replies

No 'Access-Control-Allow-Origin' on calls to apidemoeu.webex.com

jmennear
Cisco Employee
Cisco Employee

‎06-04-2014 12:39 PM

I am getting an error when running my application on Google Chrome.

The error is : XMLHttpRequest cannot load https://apidemoeu.webex.com/WBXService/XMLService. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://localhost:44301' is therefore not allowed access.

I have gone through a bunch of CORS documents but I am not able to figure out if it is a CORS issue or, if it is something else.

Is there someone there who can provide some guidance to help get be past this problem?

By the way, the exact same code works perfectly when run in Internet Explorer, so I am pretty sure the code itself is OK.

Thanks.

1 person had this problem
Labels:
5 Replies 5

nmorrow
Cisco Employee
Cisco Employee

‎06-04-2014 12:56 PM

Hello,

     This is a cross domain scripting security feature built in to your web browser. It would not be feasible to add an access control allow origin on the XML API server, due to the unlimited number of origins possible. You will need to rely on a server to server communication, or require browsers with no such security limitation.

0 Helpful

jmennear
Cisco Employee
Cisco Employee
In response to nmorrow

‎06-04-2014 01:03 PM

Server to server would be a proxy server I set up and my application sends a request to my proxy and that proxy talks to the webex server?

Are there any such servers out there?

Do I have to build a proxy server and a proxy server application to perform something like that?

-john mennear

408-894-6856

http://cisco-ucdt.blogspot.com/

http://cisco-ciac.blogspot.com/

0 Helpful

nmorrow
Cisco Employee
Cisco Employee
In response to jmennear

‎06-04-2014 01:09 PM

Hello,

     Server to server would be built on PHP, ASP, Perl, etc, rather than JavaScript. Local scripting is much less secure and your browser has included additional security measures when using it to send information to a domain that is different than yours. I have not found a way to get around this security measure in either Chrome or Firefox. Internet Explorer will usually allow this after clicking the information bar and allowing it. Safari on OSX also tends to work for cross domain scripting.

0 Helpful

dstaudt
Cisco Employee
Cisco Employee
In response to nmorrow

‎06-04-2014 01:17 PM

A different API, but this page has some background/info/suggestions and actual configurations which may help in getting a simple HTTP proxy up...

https://developer.cisco.com/site/collaboration/jabber/websdk/develop-and-test/im-and-presence/xmpp-deployment-guide/inde…

0 Helpful

jmennear
Cisco Employee
Cisco Employee
In response to nmorrow

‎06-04-2014 01:28 PM

For anyone out there in the future who has this problem I found a way to disable cross browser security in chrome:

Start chrome like this:

C:\PROGRA~2\Google\Chrome\Application\chrome.exe --user-data-dir="C:/Chrome dev session" --disable-web-security

Reference information came from

http://stackoverflow.com/questions/3102819/disable-same-origin-policy-in-chrome

-john mennear

408-894-6856

http://cisco-ucdt.blogspot.com/

http://cisco-ciac.blogspot.com/

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents