Forum | Appery.io

I'm using the REST API to obtain data from another server and this is the error that appears in Google Developer tools:

XMLHttpRequest cannot load http://www.hostname.com/parties. Origin http://project.tiggzi.com is not allowed by Access-Control-Allow-Origin.

Followed http://en.wikipedia.org/wiki/Cross-or... and solved it by modifying the headers

where Access-Control-Allow-Origin = *

to allow the results to be read by any domain.

However, I'm not sure of the security implications of this action. Is there a guide I could read to explain the implications?

Hi Zaki,

This is the politics of cross-domain requests on browsers.
See our docs: http://docs.tiggzi.com/documentation/...
As a workaround you can tick "Use Tiggzi Proxy" in Rest service settings.

I am using the sendgrid plugin and getting this error on self hosted site. I cannot find CORS support for sendgrid. The proxy setting is already checked. What can I do?

When you export the app the proxy is not used.

Ok- I was wondering if something was set to use proxy so that this error could be avoided. Sendgrid does not have any CORS support that I can tell based on a search on their site. What is the right solution? The email is sent on the tests I did but the send form just spins.

I see that if you send this in http header
Access-Control-Allow-Origin: http://m.mydomain.com
It might work if sendgrid supports cors. Is that right?

I also see that in the SendGrid_MailSend service the datatype is set in the plugin to json. Can it be changed to jsonp? Would this work or is more needed?

[quote:]
I see that if you send this in http header
Access-Control-Allow-Origin: http://m.mydomain.com
It might work if sendgrid supports cors. Is that right?
[quote:]
Yes.

[quote:]
I also see that in the SendGrid_MailSend service the datatype is set in the plugin to json. Can it be changed to jsonp? Would this work or is more needed?
[/quote]
You can try.

If you run the app as native (hybrid), then cross-domain doesn't play a role at all and all services will work. [/quote][/quote]

How/where does one set the Access-Control-Allow-Origin ? I tried putting this in the html send mail form page's header

but it did not work. I have emailed sendgrid to see if they support CORS.
In the mean time, is there anything else I can do or is using sendgrid potentially not possible with a web app?

Incidentally, using datatype of jsonp does not work

It is set on the service (server) side.

You can use Appery.io test page for now.

Sorry- I am obviously confused about CORS. So by test page you mean appery test link:
http://appery.io/app/view/big-long-nu...

sendgrid supprt says:
"I've been asking around and researching on our end and it doesn't look like we support CORS. My the looks of it, that setting would have to be made in your initial integration before reaching our side."

Is there any way to get this working on web apps from generated at appery? Is there a feature that can be added at Appery? Even if I had to host there its better than nothing. I started with a native app but getting everything working such that it could install/work on both android/iOS is a lot- video play and social integration requires phonegap plugins outside of appery