Reputation: 6467
access-control-allow-origin not working
I'm integrating the API system into my website, however I got this message from Google chrome's console: XMLHttpRequest cannot load https://api.mysocialsync.com/. Origin https://www.mysocialsync.com is not allowed by Access-Control-Allow-Origin.
Now luckely I know what that error means and I tried to solve it (also with help of other stackoverflow pages) but none of the solutions worked, even
header("access-control-allow-origin: *");
didn't do the trick.
I'm out of idea's unfortunatly, I hope there is someone here who has an solution to this.
My server is running PHP5 with suhosin.
Upvotes: 2
Views: 1049
Answers (1)
Reputation: 2413
It's not your website that should be sending the Access-Control-Allow-Origin header, but the website you are requesting (i.e. the MySocialSync API). If the header would work the way you think it does, you could e.g. read a user's private Facebook messages and do other nasty cross-site data requests.
I'd recommend contacting the API creators to have them add the header.
Upvotes: 4
Related Questions
- header('Access-Control-Allow-Origin: *'); Not allowing CORS request
- Nginx Access-Control-Allow-Origin not working
- getting error of Access-Control-Allow-Origin header
- Access-Control-Allow-Origin not working at all
- PHP - Access-Control-Allow-Origin not working
- Error: No 'Access-Control-Allow-Origin' header is present on the requested resource
- PHP Access-Control-Allow-Origin header not working
- PHP Access-Control-Allow-Origin not working
- Issue with Access-Control-Allow-Origin on server
- Access-Control-Allow-Origin Error : i tried setting headers to allow domains but still not working,