How do I CORS?

0 favourites
  • 12 posts
  • Example:

    I manualy enable CORS in Browser

    result:

    If you want AJAX requests to your server to work from any domain, or in preview, you can configure it to send the following HTTP header:

    Access-Control-Allow-Origin: *

    This will enable AJAX requests from any domain....

    Please...can someone explain to me ...slowly... how to do this from C2?

  • You don't do anything from C2, you configure your server to return a response header with "Access-Control-Allow-Origin: *".

    This should help : http://enable-cors.org/server.html

  • Ok..psd@Magistross ...you you're talking about

    [quote:1xhz1v05]When Site A tries to fetch content from Site B, Site B can send an Access-Control-Allow-Origin response header to tell the browser that the content of this page is accessible to certain origins. (An origin is a domain, plus a scheme and port number.) By default, Site B's pages are not accessible to any other origin; using the Access-Control-Allow-Origin header opens a door for cross-origin access by specific requesting origins.

    this part..let's say...I understand

    But ..This part in Manual confuses me...

    If you want AJAX requests to your server to work from any domain, or in preview, you can configure it to send the following HTTP header:

    Access-Control-Allow-Origin: *

    This will enable AJAX requests from any domain....

    so..if i want Cors to work in preview(on localhost:50000)

    like this:

    What i need to configure?

  • The server(s) you will be trying to reach with AJAX request.

  • Thanks!

  • If you are fetching a server side scripted page, you could also just modify the request there by appending the header.

  • If you are fetching a server side scripted page, you could also just modify the request there by appending the header.

    NOT!!!!

    Sorry, I not following you..

    to try one more time.....is it possible in C2 (via Ajax,Browser executeJs,jQuery...)

    set Access-Control-Allow-Origin: *

    ...................is it possible to Browsers(Chrome,IE,FF,Opera..) to access data from some site in previw..

    (like NW.js):

    ..If Not..................Thank you very much!

    if Yes.....................and you want to help me..

    .................................................................................Please, Exacly How?(Screenshot & Capx)

    Thank You!

  • https://www.scirra.com/tutorials/61/aja ... onstruct-2 does this helps? has parts where u can call data from php and send data to a php file... not sure if u mean this, never played with ajax

    here is the capx inside the tutorial above ZIP DOWnload

    some other stuff for highscores and Stuff

    those memes bruh... hilarious

  • I'm reading...I'm learning....

    I convinced myself that C2 has some kind of super power...

    i have Browser object and i have AJAX...

    so ..what is easier... than:

    On start of layout....Browser disable Same-origin policy

    Or

    On start of layout...Browser...-disable-web-security -–allow-file-access-from-files

    Thanks!

  • If it was that easy for an application to bypass such an important server security then surely that would make the whole concept of CORS pointless, surely.

    A server has to be setup to allow CORS first. It seams to me that you want to set CORS from C2 which doesn't make sense.

    This is just my understanding and may obviously be in error.

  • If it was that easy for an application to bypass such an important server security then surely that would make the whole concept of CORS pointless, surely.

    It seams to me that you want to set CORS from C2...

    Yes

    ... that it was my intention...somehow "inject" CORS from C2...

  • Try Construct 3

    Develop games in your browser. Powerful, performant & highly capable.

    Try Now Construct 3 users don't see these ads
  • You can't do that in C2, and you can't do that in any javascript application because at this moment when the javascript is executed, it's too late and you can't intercept and modify the header sent by the server to allow CORS.

    The chrome extension is working because it can intercept the header and modify it before it is parsed by the browser.

    In fact, what do you want to do with that ? If you want to access a server on an other domain you own, you can configure the server to allow CORS.

Jump to:
Active Users
There are 1 visitors browsing this topic (0 users and 1 guests)