Help please solve the problem with the cross-domain query. I placed the backend on one server, and the frontend on the other. Now using ajax request, the front-end script cannot retrieve data from the backend

Here is the address where you can get the data:

http://zlodiak.pythonanywhere.com/days/1497104260/1497968260

Here is my script that sends an ajax request to the above address. The ajax request is sent after the user selects the date '2017-06-01' in the first datapicer, and in the second datapicher selects the date '2017-06-30'. Then presses the submit button

As a result, the console says that the cross-domain query is not allowed:

XMLHttpRequest cannot load http://127.0.0.1:8000/days/1496264400/1498770000 . No 'Access-Control-Allow-Origin' header is present. Origin ' https://fiddle.jshell.net ' is therefore not allowed access. The response had HTTP status code 400.

I tried to have both frontend and backend on one server. In this case, all the problems described were not there and the bundle worked without problems. But I need the front end and backend to be on different servers

1 answer 1

It is necessary for your server to at least give the CORS header :

 Access-Control-Allow-Origin: *

It is even better that he give specific hosts from where to make a request.

For example, for web2py this is done like this:

 if request.env.http_origin: response.headers['Access-Control-Allow-Origin'] = request.env.http_origin

You can limit the condition for which hosts such a title will be for which ones - no.