Javascript - No 'Access-Control-Allow-Origin' header is present on the requested resource

Question

I need to send data through XmlHttpRequest from JavaScript to Python server. Because I\'m using localhost, I need to use CORS. I\'m using the Flask framework an

Answer 1

There's actually a brilliant snippet on the Flask site to modify the Access-Control-Allow-Origin header server-side. http://flask.pocoo.org/snippets/56/

You have the easy way out from there, which is to allow every * domain to access your URL, or specifying your selection of URLs inside the header.

From the MDN's article on CORS:

In this case, the server responds with a Access-Control-Allow-Origin: * which means that the resource can be accessed by any domain in a cross-site manner. If the resource owners at http://bar.other wished to restrict access to the resource to be only from http://foo.example, they would send back: Access-Control-Allow-Origin: http://foo.example.