I'm developing an application in ColdFusion to manage mantis bt thought API REST but I have a problem with ajax requests.
If I making requests from the same domain where I installed mantis bt all requests work fine but when I try to make a request from another domain or the same domain with the different port the browser return "Access-Control-Allow-Origin" error.
I tried to add headers settings in API/rest/index.php and also in my ajax request but it doesn't work.
This seems like a common cross-domain scripting issue. Browsers have built-in protections against such things.
Consider if you load a web page on site X, which was hacked, and pages AJAX requests to site Y to retrieve and save data that you thought was only going to be processed through site X.
You need to make your code less "hacky", probably by making a request to your server, and let the server make an API request to your Mantis app.
If you want Mantis to work differently, use or create a plugin. Visit the Plugins forums.
Ask developers to create a plugin that you need - and motivate them to help you!
Starbuck wrote: ↑12 Apr 2018, 17:11
This seems like a common cross-domain scripting issue. Browsers have built-in protections against such things.
Consider if you load a web page on site X, which was hacked, and pages AJAX requests to site Y to retrieve and save data that you thought was only going to be processed through site X.
You need to make your code less "hacky", probably by making a request to your server, and let the server make an API request to your Mantis app.