Search code examples
javascriptjqueryrpcbitcoinsame-origin-policy

Access-Control-Allow-Origin header when Origin 'null' when trying to post data to a LOCAL application

I'm working on a program which will help interface with your bitcoin wallet via the browser.

By setting up the bitcoin client as a server with the following commands in it's .conf file...

server=1
rpcuser=test
rpcpassword=test
rpcallowip=127.0.0.1

It will allow it to run as a server and thus let you post JSON commands at it. I've gotten this to work with the following code below.

       $.ajax({
            url: 'http://test:[email protected]:29661',
            type: 'POST',
            contenType: 'application/json',
            cache:false,
            dataType:"json",
            data: '{"jsonrpc": "1.0", "id":"curltest", "method": "getinfo", "params": [] }',
            timeout: 15000,
        })
        .done(function(msg){
            alert(msg);
        });

BUT, it only works if I render Google Chrome with security features disabled, thus removing the CORS security restrictions which will not be acceptable for users.

Since this is trying to connect on the local file system to the bitcoin server and the file I'm running from IS on the local file system why am I getting CORS errors since they should be on the same domain? and how do I get around it?

I have to access the local file for testing via file:/// (which to my understanding 'might' have limited CORS support). This is how the users would work with it as well though.

::Methods Tried Already::

jsonp - this fails to work because it can only do GET requests and I need to do POST requests. This works by creating a script tag on the DOM and GET'ing the data and requires a callback function to get the data out of it. Kind of a hack, but unfortunately this does not work because I need to POST the data.

easyXDM - Tried this, but failed because it does not support the file:/// protocol :( :(, otherwise would have been what I needed.

WebSockets - Requires server to have implementation of this, I can't change the bitcoin source.

Access-Control-Allow-Origin in Server Headers when serving file - This would work if the file came from a server but its just on the local system file:///, this is because its going to access data coming from the bitcoin client and graphically display information.

Solution

  • Ok I solved the issue. I had to edit the bitcoinrpc file it's self to handle CORS.

    http://www.html5rocks.com/en/tutorials/cors/

    The above link gave me lots of helpful info on how to do that, in particular the fact that it had to be done in two stages.

    There is the preflight request, and preflight response, then the actual request and actual response.

    So I edited the bitcoinrpc.cpp file to handle this. If anyone wants to see exactly how I implemented it I'll link to the github source code.