As Bodgan's answer stated, this is a browser security issue rather than a ZF2 issue. One popular way to get around it is to change the ACCESS-CONTROL-ALLOW-ORIGIN
of your domain A to allow requests from domain B. This and other solutions are discussed on the Mozilla Developer Network (MDN) page for HTTP access control (CORS).
Basically you need to indicate to the receiving server (domain A) that it is okay to respond to requests for resources. You can do this within a .htaccess
file placed in the web root of domain A. Below is some simple sample code that indicates to domain A that it should respond to resource sharing requests from all domains: *
. The MDN article linked to above goes into a more in-depth discussion of "Cross-Origin Resource Sharing (CORS)". Keep in mind that there are security implications, and in most scenarios you do not want to open up your server to requests from *
origins, but rather to a specific host controlled by yourself.
Options +FollowSymlinks
RewriteEngine on
Header add Access-Control-Allow-Origin "*"
Header add Access-Control-Allow-Headers "origin, x-requested-with, content-type"
Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"