?
Solved

CORS and a local file

Posted on 2013-05-17
4
Medium Priority
?
1,071 Views
Last Modified: 2013-05-22
I need to do some cross site scripting work with a local file for testing.  My application is just calling a javacript api on a different server. It is easier to work locally.  I change a setting on my browser (can't remember but can find it) to allow this.  I want to turn that back on so I don't get a crazy virus.  I heard about CORS.  How can I do this with a local file?
0
Comment
Question by:jackjohnson44
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 75

Accepted Solution

by:
Michel Plungjan earned 2000 total points
ID: 39178136
I personally wrote a simple proxy on my own server using CURL

Be aware that this exposes the service to anyone who can guess the URL of your proxy

<?php
/**
 *  An example CORS-compliant method.  It will allow any GET, POST, or OPTIONS requests from any
 *  origin.
 *
 *  In a production environment, you probably want to be more restrictive, but this gives you
 *  the general idea of what is involved.  For the nitty-gritty low-down, read:
 *
 *  - https://developer.mozilla.org/en/HTTP_access_control
 *  - http://www.w3.org/TR/cors/
 *
 */
function cors() {

    // Allow from any origin
    if (isset($_SERVER['HTTP_ORIGIN'])) {
        header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
        header('Access-Control-Allow-Credentials: true');
        header('Access-Control-Max-Age: 86400');    // cache for 1 day
    }

    // Access-Control headers are received during OPTIONS requests
    if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {

        if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']))
            header("Access-Control-Allow-Methods: GET, POST, OPTIONS");         

        if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
            header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");

        exit(0);
    }
}
cors();
header("content-type: application/json");

$callback = $_GET["callback"];
$url = "...."; // site that needs accessing
$username="..."; // if password protected
$password="...";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_USERPWD, "$username:$password"); // may not be needed
curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); // may not be needed
$output = curl_exec($ch);
$info = curl_getinfo($ch);
curl_close($ch);
echo $callback."(".$output.")"; 
?>

Open in new window

0
 
LVL 51

Expert Comment

by:ahoffmann
ID: 39181898
> ..  want to turn that back
which browser?
0
 

Author Comment

by:jackjohnson44
ID: 39182039
I was using internet explorer.  Is there any way to do this without using a server?
0
 
LVL 75

Expert Comment

by:Michel Plungjan
ID: 39182612
Perhaps if you allow *
0

Featured Post

WordPress Tutorial 3: Plugins, Themes, and Widgets

The three most common changes you will make to your website involve the look (themes), the functionality (plugins), and modular elements (widgets).

In this article we will briefly define each again, and give you directions on how to install them.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There are a couple ways to attach a JavaScript function to dynamically created elements. You can make a new script for each element as it’s created or you can use delegation. Delegation allows a single script that is added at page creation to mat…
PROBLEM: The other day I was working on adding an ajax request to a webpage that already had a dialog box on the page.  The dialog box was using relative positioning to be positioned next to a form field I had on the page.  Everything was working…
The viewer will learn how to dynamically set the form action using jQuery.
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question