James A. James A. - 6 months ago 67
Javascript Question

Couchbase Server not returning CORS Header to XMLHttpRequest object

We have Couchbase Server installed on a VM. I have include the tags:

[cors]
methods: GET
origins: *

[httpd]
enable_cors = true


in our local.ini file located at: D:\Couchbase\etc\couchdb. In PostMan I am able to execute: http:/xxxx:8093/query/service?statement= select member from
edc
where member.general_info.member_id= '11111' and see a valid response returned. But when trying to request with JS in our web application we are blocked. Our JS looks like:

var xhReq = new XMLHttpRequest();
xhReq.open("GET", "xxxx:8093/query/service?statement=select member from `edc` where member.general_info.member_aces_id= '11111'", true);
xhReq.onload = function() {
console.log('Response from CORS request ' + xhReq.responseText);
};
xhReq.onerror = function() {
console.log('Woops, there was an error ');
};
xhReq.send();


The response we see in Chrome console is:

XMLHttpRequest cannot load http:/xxxx:8093/query/service?statement=select%20member%20from%20
edc
%20where%20member.general_info.member_aces_id=%20%2711111%27. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http:/localhost:8080' is therefore not allowed access.

From the couchbase documentation I could find online this should work. Please let me know if you want me to include any further configurations. Thanks for the help!

Answer

This is because Chrome web security won't allow localhost,see http://blog.chromium.org/2010/01/security-in-depth-new-security-features.html for an explanation - try Firefox or override Chrome web security when starting with options:

--disable-web-security --user-data-dir