I need to upload an API Rest to a web server


I have a API Rest that I use locally and I need to upload it to a web server. The problem I have is that it will not be configured once it is uploaded to communicate with the server's SQL database.

The error I get is this:

XMLHttpRequest cannot load http://error.hostinger.eu/?. 
No 'Access-Control-Allow-Origin' header is present on the requested resource. 
Origin 'http://hanoi.hol.es' is therefore not allowed access. 

It's the first time I have to upload things to a server, excuse my ignorance:)

PS: I just realized that the api has incorporated the CORS.

header("Access-Control-Allow-Orgin: *"); header("Access-Control-Allow-Methods: *"); header("Content-Type: application/json");

PD-2: just to discard, the address to connect to the database should be this $_server = "mysql.hostinger.es"; ?

asked by Subte 07.06.2016 в 19:36

3 answers


This error is very common, to make requests to a service Api Rest/Ful , you must first give permissions to the domains / host where the Api will be consumed.

You can give permission to only one or the domains you want


('Access-Control-Allow-Origin: http://misitio1.com');
('Access-Control-Allow-Origin: http://otrositio.com');
('Access-Control-Allow-Origin: https://www.tusitio2.com');
('Access-Control-Allow-Origin: http://www.ejemplo.com');

You can use the wildcard * to refer to all.

More information on Mozilla: Access_control_CORS

In other words, your server when it receives the request checks the host of where you are requesting it and if it is in your allowed host list, it sends you the data.

Using PHP

Sets the following header in all the resources that a request returns.

 header('Access-Control-Allow-Origin: *');  

Using Apache in .htaccess

Set the following directive in the file .htaccess of your server.

<IfModule mod_headers.c>
    Header set Access-Control-Allow-Origin "*"
answered by 07.06.2016 в 21:26

Knowing that you are using Hostinger , it is a LAMP environment (although I still think that it should be called GLAMP, the GNU G) good, returning to the answer:

In the root of your website (where is the public_html) there is a file called .htaccess to that file, add the following line:

 Header set Access-Control-Allow-Origin "*"

Follow with all the power to development! and remember, nobody was born knowing, we all learn and if it is in a team, better: D

answered by 07.06.2016 в 21:16

Normally when you work an API in local with a SQL database engine you specify the address to which the API should point, which in local is localhost or, which have been the same. Now, when your application is on the server you must specify the address of your server plus the port, for example:: What is in the signs < (less than) and > (greater than) must be changed by the data of your server and eliminate these signs.

It should be clarified that the authentication data may vary, so I recommend you check the user and password of the server database so that you can also change them in your API.

If you get the following error: XMLHttpRequest cannot load http://error.hostinger.eu/?. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://hanoi.hol.es' is therefore not allowed access

is because you violate this policy [Policy of the same origin] ( link ) that specifies that a server can not accept requests from a different domain. There are two ways to solve this: from the client with JSONP or with CORS from the server, where the most recommended is to use CORS, because if you do it with JSONP each client should implement it, instead if you do it from the server you only do one time. For your specific case look for the best way to add CORS, for example if it is JAVA search: "add cors to java web application" or if it is for nodeJS with Express you can search: "add CORS to express" and so on, according to framework that you use

answered by 07.06.2016 в 19:48