Dealing with the Same Origin Policy when developing AJAX based JQueryMobile apps
The title of this post is quite a mouthful, but this was a tricky problem to fix and I wanted to share it here.
Basically I am developing a mobile app using html, css and JavaScript. The app uses ajax to retrieve its data from the backend server (Google Cloud SQL). This does not present a problem when I am running the app as a packaged apk (which just contains web technologies and a single Activity to bootstrap the whole thing). However when I am in development mode on my desktop I get all the advantages that a decent browser has to offer a developer - inspection, view the DOM etc. Can't reasonably develop without this stuff. The difficulty arises when I try to run the phone app on Chrome. The JavaScript security in the shape of the Same Origin Policy prevents the ajax from running. To get around this you need to set a response header on your backend server - the one that runs your servlet. This looks like this:
res.setHeader("Access-Control-Allow-Origin", "*");
Once that is in place the Ajax will run. Note that this is not a production thing. In production (packaged app) everything runs fine. It's when you try to run this locally that everything falls apart.
Now I can get to developing some nice mobile apps :)
Basically I am developing a mobile app using html, css and JavaScript. The app uses ajax to retrieve its data from the backend server (Google Cloud SQL). This does not present a problem when I am running the app as a packaged apk (which just contains web technologies and a single Activity to bootstrap the whole thing). However when I am in development mode on my desktop I get all the advantages that a decent browser has to offer a developer - inspection, view the DOM etc. Can't reasonably develop without this stuff. The difficulty arises when I try to run the phone app on Chrome. The JavaScript security in the shape of the Same Origin Policy prevents the ajax from running. To get around this you need to set a response header on your backend server - the one that runs your servlet. This looks like this:
res.setHeader("Access-Control-Allow-Origin", "*");
Once that is in place the Ajax will run. Note that this is not a production thing. In production (packaged app) everything runs fine. It's when you try to run this locally that everything falls apart.
Now I can get to developing some nice mobile apps :)
Comments
Post a Comment