larryq (38) [Avatar] Offline
#1
I know this is a forum for the book (which I'm loving so far, even in early format) but my stackoverflow question on this has unhappily gone unanswered. Hoping someone can set me straight on this generic CORS question.

I'm having trouble making an ajax call from my browser, using jQuery 1.10. The page running the ajax client is mybox.mycompany.com and the ajax call is to a web api at api.mycompany.com

I cannot get that call to work. I'm getting a forbidden, 403, forget it larryq message. I have control of mybox.mycompany.com and have set the response headers with what I believe to be wide-open access:

Access-Control-Allow-Origin = *
Access-Control-Allow-Methods = "GET, POST, PUT, DELETE"

My question-- do I have to set those same headers on api.mycompany.com for this all to work?
monsur.hossain (22) [Avatar] Offline
#2
Re: CORS-- testing my understanding
Do you have a link to your StackOverflow question?
larryq (38) [Avatar] Offline
#3
Re: CORS-- testing my understanding
monsur.hossain (22) [Avatar] Offline
#4
Re: CORS-- testing my understanding
I added a comment to your SO question. You should also consider purchasing the book. There's going to be a chapter on debugging CORS requests that will go into more detail on how to debug issues like this. Thanks!
larryq (38) [Avatar] Offline
#5
Re: CORS-- testing my understanding
Thanks Monsur. I've got the MEAP and have gone through half of it so far-- great read, love the examples.