Openfire and strophe.js: not allowed by Access-Control-Allow-Origin

Im trying to create a webchat using Jabber. I have installed Openfire and i can login to the admin panel at :9090 so the server is running.

Now when using strophe.js basic example, coming with strophe.js i get this error:

5XMLHttpRequest cannot load http://jabber.xxx.dk:7070/http-bi开发者_运维百科nd/. Origin http://jabber.xxx.dk is not allowed by Access-Control-Allow-Origin.

How can i allow the domain?

Thanks to @SamGoody for pointing this out. As of version 3.8.0, OpenFire now supports1 CORS[2], which is needed for your use case. To enable it, go to the OpenFire admin console, Server, Server Settings, HTTP Binding tab. Ensure that "Provides support for CORS (Cross-Origin Resource Sharing)" is Enabled, with a domain list of * (these are the defaults).

If it doesn't work even after enabling CORS in Openfire and changing the domain policy to accept all, then check your URL for Openfire. You may need to add '/' at the end (e.g. 'http://dimain:7070/http-bind/').

Without the slash it didn't work for me.

Another option is to setup your apache server to proxy port 7070 so you're not dealing with cross-domain issues per se. The code for that looks something like this inside of your httpd.conf file:

ProxyRequests Off
ProxyPass /http-bind http://127.0.0.1:7070/http-bind/
ProxyPassReverse /http-bind http://127.0.0.1:7070/http-bind/

If you log in to the admin panel, go to the Server Settings tab, then to HTTP Bindings, check both options (HTTP Binding and Script Syntax) are set to Enabled

I had faced same issue and come to know that port was not open for access. Though it browser says it is CORS Access-Control-Allow-Origin issue. This is sometimes open port issue. Please make sure http bind port is open and can be accessible over tcp on system your are testing.