MVC Access-Control-Allow-Origin

Question

This relates to https://stackoverflow.com/a/10143166/2360569, but I haven't gotten the accepted answer to work.

I am simply making an ajax request from a client script, which works locally but not on a test server.

ClientScript.js:

var AppViewModel = function () {
var self = this;

self.Refresh = function () {
    $.ajax({
        url: "http://localhost/AppName/ControllerName/GetData",
        type: 'GET',
        contentType: 'application/json; charset=utf-8',
        success: function (data, textStatus, jqXHR) {
            //do stuff
        },
        error: function (jqXHR, textStatus, errorThrown) {
            //should do something here
        },
        complete: function (jqXHR, textStatus) {
            //other stuff
        }
    });
}

For my MVC web service, I added this function to the global.asax.cs:

    protected void Application_BeginRequest(object sender, EventArgs e)
    {
        HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", "http://localhost");
        HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", "http://testdev");
    }

I am still getting this error message when I deploy to the "testdev" server:

XMLHttpRequest cannot load http://localhost/AppName/ControllerName/GetData.
Origin http://testdev is not allowed by Access-Control-Allow-Origin.

What am I missing here?

Answer 1

You're using an absolute url (http://localhost/AppName/ControllerName/GetData), what is only valid on your local environment. Change it to something like this

url: "/AppName/ControllerName/GetData",