I have an HTML5/JavaScript app that was originally written to run in certain cars. Basically, I need to set up my app to run in the browser for a simple demo to a customer.
I'm using jQuery .ajax which is causing problems due to the Same Origin Policy. I have found plenty of ways to disable this in desktop browsers, but not mobile ones.
My goal is to demo the app on an iPad in Mobile Safari. Is there any way to temporarily disable the Same Origin Policy on an iPad?
I have an HTML5/JavaScript app that was originally written to run in certain cars. Basically, I need to set up my app to run in the browser for a simple demo to a customer.
I'm using jQuery .ajax which is causing problems due to the Same Origin Policy. I have found plenty of ways to disable this in desktop browsers, but not mobile ones.
My goal is to demo the app on an iPad in Mobile Safari. Is there any way to temporarily disable the Same Origin Policy on an iPad?
Share Improve this question asked Aug 27, 2012 at 22:09 DannyDanny 3,6657 gold badges44 silver badges58 bronze badges 4- 1 +1, I would love an answer to this too. – Andrew Joslin Commented Dec 13, 2012 at 16:16
- Have you tried setting the header Access-Control-Allow-Origin: * on the server? – Kyle Nunery Commented Dec 21, 2013 at 17:20
- Unfortunately I have no control over the server I am making AJAX calls to. My short-term solution was to host a php proxy script on the same server that I hosted my html/js on. Fortunately, the services I needed finally added CORS headers to their responses which allowed me to do away with my proxy script. – Danny Commented Jan 7, 2014 at 21:45
- 1 Currently (today) there is no other proper solution rather than setting the header "Access-Control-Allow-Origin: *". Your client side solutions won't satisfy you. Another way is using JSONP (=changing your munication way). All these solutions are already postet. – user2227400 Commented Oct 20, 2015 at 19:01
5 Answers
Reset to default 1I had the same problem with a sencha app. I resolved by setting a base path to my javascript ajax calls, example:
var BASEPATH = 'http://192.168.1.200/myapp';
$.ajax({
url: BASEPATH+'/someaction'
});
And from the mobile I access it with http://192.168.1.200/myapp
My problem was that the from mobile I get access only with IP but ajax call were point to localhost.
Hope this trick helps.
You need to run a web server, not the file protocol.
Basically, you need a header.
Put this code at the top of the page you want to send cross domain requests to.
<?php header("Access-Control-Allow-Origin: *"); ?>
Be careful with the *, as this allows any website to send requests to the page from which that header is sent from.
The * can be replaced with domains, such as example., example.
Try to use JSONP in your ajax call. It will bypass the Same Origin Policy.
http://learn.jquery./ajax/working-with-jsonp/
It can be possible in Javascript if you use an ajax call to a public proxy which basically removes the same origin header. Or you could write a php curl get page where you make the call to using ajax. For code on this check this blogpost:
http://thewebtimes.tumblr./post/90549614884/access-forbidden-webpages-with-javascript