CORS Blocked while testing SMS Platform

[fayazv]

I have started testing the SMS platform and I’m receiving this error:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at 
http://52.10.110.204:15200/send?username=cbt_sendsms_user&password=cbt_sendsms_password&to=0974968582&text=cbt+plaform+testing&dlr-mask=31
This can be fixed by moving the resource to the same domain or enabling CORS.

Platform Setup:

• The SMS Platform (TaarifaTraders) is setup in heroku taarifa-traders.herokuapp.com. Atm, I'm running tests from my local machine (mac), which shouldn't be the problem.
• We are using AWS to do the VPN/SMPP connections with Airtel in Zambia and Malawi. So the VPC are hosted in AWS.

[kynan]

Do you have control of the server at 52.10.110.204 i.e. could you modify the script you're making the XMLHttpRequest to? If so, you could send the Access-Control-Allow-Origin: * header with the response. This might even be possible via the the configuration of whichever server is serving this request.

If not, you'll need to proxy the request through TaarifaTraders by adding a route which makes the request and decorate it for HTTP Access Control.

[fayazv]

I don't have control over the server at 52.10.110.204

The link provides info on how to make request in flask app (python), while most of the app is in angularjs where presumably I have to apply this in the app.coffee and controllers.coffee

How do I add the route which makes the request?

[kynan]

There's 2 parts to this:

1. A route to be added to taarifa_traders.py making the above HTTP request.
2. Change the Angular controller to send the $http.get to that local route, which means no CORS is required.

[kynan]

@fayazv How has this been resolved?