Cross domain issue with socket.io.js

Question

Cross domain issue with socket.io.js

I'm working on a node.js application and running into an 'Access is denied' error for the socket.io.js file.

My ColdFusion application runs on server A with domain A.com
My Node server is on server B and domain is B.com

My ColdFusion application is trying to load the node application, but I get "access is denied" when it tries to load the socket.io.js from B.com. This issue is only noticed in IE.

One work around is to add B.com to trusted site list on IE. Then the application loads fine.

Any help on this will be greatly appreciated.

node.js
internet-explorer
coldfusion
socket.io

Answer 1

Try adding a "Origin" header to the request (from A.com) and an "Access-Control-Allow-Origin" header to the server's (B.com) response that permits cross-domain request support:

Request:

<cfheader name="Origin" value="#cgi.server_name##cgi.script_name#">

Response:

<cfheader name="Access-Control-Allow-Origin" value="*"> 
.. or ...
<cfheader name="Access-Control-Allow-Origin" value="B.com/myfile.js,cfm,whatevs...would match the result of CGI vars above ^">