XHR to same domain being blocked

Question

I'm having a pretty weird problem with CORS on a webapp I'm trying to make I'm using Servlets (Tomcat8.0) for the backend. It's a school project, so I can't use a framework

A GET request to http://localhost:8080/FileBox/dashboard returns a JSON payload( plain json, not jsonp,which I could use, but its the same domain). I'm using ajax to make the XHR, but it's being blocked by chrome as CORS

Should this be happening, since I'm making the XHR from the same domain(host+port) 'localhost:8080/FileBox/dashboard.jsp' to 'localhost:8080/FileBox/dashboard'

Please, and thank you for the help!

Answer 1

You aren't making a request to http://localhost:8080/FileBox/dashboard. The error message says you are making a cross-origin request using an unsupported scheme and that http is a supported scheme.

Presumably you have made the two mistakes of:

Getting the URL wrong

You should be using a relative URL:

/FileBox/dashboard

but are trying to use an absolute URL:

http://localhost:8080/FileBox/dashboard

but have typed it wrong and are actually requesting

localhost:8080/FileBox/dashboard

Not loading the page over HTTP to start with

Possibly by double clicking the file in your system file manager, you have bypassed your HTTP server and are loading something like file:///c:/users/you/yourproject/index.html

---

Combined with the previous mistake, you end up trying to request file:///c:/users/you/yourproject/localhost:8080/FileBox/dashboard, with Ajax and get a security violation.

---

Solution

1. Fix the URL to be a proper relative URL
2. Point your browser at http://localhost:8080 instead of double clicking files in your file manager