0

I have created an express.js application at address http://localhost:1546/embed/:url which is to be called from other application in an iframe, but calling it from iframe is blocking this URL from being rendered anymore by even from browser.(I think express is blockingh it or it is kind of exception. but there is no error.)

I have also tried with updated headers. my code is something like:

    app.get('/embed/:url', function (req, res) {
  //res.send(req.host);
  app.use("/embed/:url", express.static(__dirname + '/views/layout.ejs'));
app.use("/embed/:url", express.static(__dirname + '/views/embed.ejs'));
     res.header('Access-Control-Allow-Origin', '*');
     res.header('Access-Control-Allow-Methods', 'PUT, GET, POST, DELETE, OPTIONS');
     res.header('Access-Control-Allow-Headers', 'Content-Type');
     //res.header('X-Frame-Option', '*');
     //res.send("djuf");
     res.render('embed', { title: 'AAS', data:{'url':req.params.url}});
  // web_server.use("/", express.static(__dirname + '/index.html'));res.render('list', { title: 'helloooooooooooo', message: 'Hello there!'});
   //console.log(req.params.url);

});
Eshant Sahu
  • 360
  • 1
  • 4
  • 18

1 Answers1

0

If you are using different servers for your website and app, I believe you have encountered Cross-Origin Resource Sharing blocking on the browser.

There's some great information about it here:

It is usually a problem to bypass using conventional methods, as this is restriction in the client's browser level.

As for testing, go ahead and disable it in your own browser, but keep in mind it won't work for others viewing your site:

Community
  • 1
  • 1
Selfish
  • 5,210
  • 3
  • 35
  • 54