Access-Control-Allow-Origin header when building with Sencha Cmd
I've been working on a sencha touch app that is supposed to make an ajax call to a pre-existing xml based service. My question is that if I want to set Access-Control-Allow-Origin header in the web server that I need to call, what domain origin should I allow it from? My touch app will be deployed in the app store, I don't want to say Access-Control-Allow-Origin header: * since that would open for all domains. If my app is going to be downloaded from the app store and run from a consumer's cell phone what will be the origin?
On the server side you have to reflect the host from which the request was made.
I don't get it, if the app is going to be downloaded from the App Store then what do I put on server side for the value of Access-Control-Allow-Origin?
Doesn't matter where you download the application from. All it matters is where it runs from.
Originally Posted by rmalhotr
And if it runs on devices I think you might not have the Allow origin issue at all anyway.
Tags for this Thread