Categories: javascript, php, json, apache, server

Access-Control-Allow-Origin: Access for all users just to one site

1 answer

I'm currently coding a php website which reads certain values from a json file from my server. Now when i request the xmlhttp request to my server, i get the Access-control-allow-origin ERROR in console. I already find out i have to set Access-control-allow-origin: *; in my Apache configuration but i don't want to use * because I don't want to give everyone access to my website. So how can i just give permission for one json file to every client?

var requestURL = 'https://myWebsite/blabla.json'; var request = new XMLHttpRequest(); request.open('GET', requestURL); request.responseType = 'json'; request.send();  request.onload = function() {   var response = request.response;   jackpot = response.items[0].value;    var inner = document.getElementById("myid"); inner.innerHTML = jackpot+" EURO"; 

this is my js code and i always get the Error, except i use Access-control-allow-origin: *, which i dont want to use because its unsave.

Please care im little new to web coding so im not really professional sorry.

All answers to this question, which has the identifier 60737569

The best answer:

In your PHP backend, allow only to your domain for Access-control-allow-origin not *. So that it will be safe.

Last questions

how do i remove the switch on my home screen?
how to edit the JS date and time to update atuomatically?
How to utilize data stored in a multidimensional array
Powermockito not mocking URL constructor in URI.toURL() method
Android Bluetooth LE Scanner only scans when phone's Location is turned on in some devices
docker wordpress container can't connect to mysql container
How can I declare a number in java that is more than 64-bits? [duplicate]
Optaplanner solutionClass entityCollectionProperty should never return null error when simple JSON object passed to controller
Anylogic, get the time a pedestrain is in a queue
How do I fix this syntax issue with my .flex file?
Optimizing query in PHP
How to find the highest number of a column and print two columns of that row in R?
Ideas on “Error: Type com.google.firebase.iid.zzav is referenced as an interface from com.google.firebase.messaging.zzd”?
JCIFS SmbFile.exists() and SmbFile.isDirectory() return false when it exists and I can listFiles()
PHP total order
Laravel booking system design
neural net - undefined column selected
How to indicate y axis does not start from 0 in ggplot?
Fragments in backStack
Spinner how to change the data