CORS Policy

Website URL

Error Message

XMLHttpRequest blocked by CORS policy No ‘Access-Control-Allow-Origin’ header is present

Other Information

Hi everyone, I’m struggling to use Monaca as a frontend and infinityfree with a php backend.
Just for people who don’t know, monaca is an online platform that allow developers to build hybrid app writing in html/css/js instead of using native languages such as Xcode or Java.
every time I try to send data via XMLHttpRequest in my frontend I have the error pointed out above, on stackoverflow I read an article that suggests to add these lines in my backend file

header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS, post, get');
header("Access-Control-Max-Age", "3600");
header('Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token');
header("Access-Control-Allow-Credentials", "true");

but it’s not working…

funny thing, I did the same thing using MIT App Inventor and it worked fine even before adding these headers

Thanks in advance for any kind of help

This is the limitation of free hosting

We provide website hosting, i.e. hosting designed for things that produce web pages that are viewed in a browser. Our hosting is not intended for API hosting, data storage hosting, file hosting or anything like that. This also means all CORS is blocked.

We also make use of this security system that basically blocks all access that’s not from browsers visiting your site directly.


This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.