Skip to content

Instantly share code, notes, and snippets.

@simonrw
Last active December 14, 2015 18:19
Show Gist options
  • Save simonrw/5128283 to your computer and use it in GitHub Desktop.
Save simonrw/5128283 to your computer and use it in GitHub Desktop.
Cross server ajax workaround
var allowedHost = {
// Add your allowed hosts here
'http://localhost:3001': true,
'http://localhost:7357': true
};
var allowCrossDomain = function(req, res, next) {
// If the domain is allowed, set the response headers to reflect this. Otherwise reject the authentication
if(allowedHost[req.headers.origin]) {
res.header('Access-Control-Allow-Credentials', true);
res.header('Access-Control-Allow-Origin', req.headers.origin)
res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS');
res.header('Access-Control-Allow-Headers', 'X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5, Content-Type, Date, X-Api-Version');
next();
} else {
res.send(403, {auth: false});
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment