I have read lot of things about CORS and how allowing Access-Control-Allow-Origin: * is security vulnerability to web server. But none of the article explained about how we can allow HTML5 hybrid application to access web services hosted on some domain which disallowed the wildcard char *
My question is: as far as my knowledge HTML5 hybrid app does not run on any specific domain that can we set as a whitelisted domain at the Access-Control-Allow-Origin lists. Then how we can still access the web service data from the hybrid APP request data through ajax call over web server which disallowing * under Access-Control-Allow-Origin tag?
Sorry for being late. Okay either of the code below will do it for you. give me a shout if you are still having issues Thanks