Home/ Questions/Q 447789
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-12T21:36:18+00:00

I need to temporally allow cross domain XMLHttpRequest. Changing firefox security setting seems to

  • 0

I need to temporally allow cross domain XMLHttpRequest. Changing firefox security setting seems to be the way to go. But I’ve tried with this and this but they didnt work. Has anyone been able to configure this before? Thanks.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    For modern browsers, you may try the following approach:

    https://developer.mozilla.org/en/HTTP_access_control

    In short, you need to add the following into the SERVER response header (the following allows access from foo.example):

    Access-Control-Allow-Origin: http://foo.example
Access-Control-Allow-Methods: POST, GET, OPTIONS
Access-Control-Allow-Headers: X-PINGOTHER
Access-Control-Max-Age: 1728000

    Note that the X-PINGOTHER is the custom header that is inserted by JavaScript, and should differ from site to site.

    If you want any site access your server in Ajax, use * instead.

    Edit:

    When I first answered the question by 2009, I actually hit the same problem, and I worked around it using the server side config.

    There was no plugin on FF or Chrome by then.

    However, now we do have alternatives using the browser side plugin, please check the answer of tsds

    • 0