CORS AJaX GET

Forum|Forum|7 years ago
July 12, 2018
1 reply
560 views

Hello, all,

I was just wondering if anyone has successfully accomplished a CORS via AJaX by setting the "Access-Control-Allow-Origin" header to either wildcard (*) or FQDN (www.anothersite.com)?

I found a claim that I can use a CFHEADER tag to set the Access-Control-Allow-Origin and complete a cross-origin request. I was just wondering if anyone else has successfully done the same thing (regardless of server-side language).

V/r,

^ _ ^

This topic has been closed for replies.

Correct answer WolfShade

Welp.. I found my answer. "DENY". Webserver is set to disallow, so even including the special header "Access-Control-Allow-Origin" will not work.

My job can sometimes be like herding cats.

V/r,

^ _ ^

D

Dave Watts

Community Expert

I've done this in .NET. I would assume it would also work in CF, but don't remember testing it recently.

Dave Watts, Fig Leaf Software

Dave Watts, Eidolon LLC

WolfShadeAuthor

Legend

I don't know what I'm doing incorrectly, but I can't get it to work. Looking at the header info, it still shows my staging FQDN as the origin, and nothing about Access-Control-Allow-Origin is present (viewing in DevTools.)

Is it possible that a webserver can be set so that a CF server cannot alter the header in question?

V/r,

^ _ ^

WolfShadeAuthorCorrect answer

Legend

Welp.. I found my answer. "DENY". Webserver is set to disallow, so even including the special header "Access-Control-Allow-Origin" will not work.

My job can sometimes be like herding cats.

V/r,

^ _ ^

Sign up

To post, reply, or follow discussions, please sign in with your Adobe ID.

Sign in to Adobe Community

To post, reply, or follow discussions, please sign in with your Adobe ID.

Scanning file for viruses.

This file cannot be downloaded