Access-Control-Allow-Origin:* setting

Asked by Sandeep Kuttal on 2010-11-06

Hi,

I was having problem with the code executing on firefox. The same HTML file using XMLHttprequest (Ajax) call which was working fine on safari but it did not worked for the firefox. On exploring more I got to know that it is an issue of cross domain problem. The cross domain ajax calls are not allowed in firefox. I figured out that setting

Access-Control-Allow-Origin:*

will allow all the responses to be accepted by other domain. I think I need to either change in header or insert in header this field.
I got this solution from this site

https://developer.mozilla.org/En/HTTP_Access_Control

So what are anyone's recommendation for that. I checked the squid Httpheader file it did not contained this field i.e. Access-Control-Allow-Origin

so I think I have to insert it in all the responses coming.

Can any one suggest how to go with this problem...I am struggling with this for long...

Thanks
Sandeep

Question information

Language:
English Edit question
Status:
Solved
For:
eCAP Edit question
Assignee:
No assignee Edit question
Solved by:
Sandeep Kuttal
Solved:
2010-11-09
Last query:
2010-11-09
Last reply:
2010-11-07
Alex Rousskov (rousskov) said : #1

If these responses go through Squid, then see whether the header_replace directive in squid.conf does what you want.

If header_replace is not flexible enough an eCAP module can change or add any response header.

Sandeep Kuttal (skuttal) said : #2

Thanks Alex.... I was able to solve by using ecap to insert headers in response message...