Please note that “Access-Control-Allow” error in Chrome console can mask the real error. It is best to use Fiddler2 to examine the request and response. In one occasion, it was actually caused by an Entity Framework error due to outdated model.
When one browse a local html file with jquery $.getJSON(url, …), one may get the following error:
XMLHttpRequest cannot load http://xxxx.xxx/xxx/xxxx. Origin null is not allowed by Access-Control-Allow-Origin.
Even if you set up a local web server to serve the same html page with $.getJSON(), you can get a similar error. The cause is Same Origin Policy. You can google it.
There are many workarounds, including:
- Use JSONP
- When running google chrome browser, add “–disable-web-security” as an argument. Obviously, you want to do it only in a safe development environment.
For MVC Web Api, one can add the following code to a controller method: