I've an application which loads a plete website in the android webview. The native code in in the android project interacts with the webpage & vice-versa using the Android Jockey Library.

Everything works fine accept at one state I encounter the XMLHttpRequest cannot load ... Origin <url> is not allowed by Access-Control-Allow-Origin error. This happens when the website (that gets loaded in the webview) makes an ajax call to the back-end api.

my website is at m.mywebsite which makes an ajax call to api.mywebsite - notably two separate sub-domains, but this seems to work fine on iOS.

I'm testing this on Android v4.4.2. Have tested it by piling agains target sdk 15 and 19 but no difference.

I've applied most of the settings to my webview as follows:

webView = (WebView) findViewById(R.id.webView);
    webView.getSettings().setLoadWithOverviewMode(true);
    webView.getSettings().setBuiltInZoomControls(false);
    webView.getSettings().setJavaScriptEnabled(true);
    webView.getSettings().setDatabaseEnabled(true);
    webView.getSettings().setDomStorageEnabled(true);
    webView.getSettings().setAllowContentAccess(true);

    webView.getSettings().setAllowUniversalAccessFromFileURLs(true);
    webView.getSettings().setAllowFileAccessFromFileURLs(true);
    webView.getSettings().setAllowContentAccess(true);
    webView.getSettings().setAppCacheEnabled(true);

    if (Build.VERSION.SDK_INT < Build.VERSION_CODES.KITKAT) {
        webView.getSettings().setDatabasePath("/data/data/" + webView.getContext().getPackageName() + "/databases/");
    }

    webView.getSettings().setSupportZoom(false);
    webView.setWebChromeClient(new WebChromeClient());
    webView.setInitialScale(0);

And following is my jockey integration:

if (Utils.isNetworkAvailable(this)) {
        jockey = JockeyImpl.getDefault();
        jockey.configure(webView);
        webViewClient = new MyWebViewClient(this);
        jockey.setWebViewClient(webViewClient);

        setJockeyEvents();
        webView.loadUrl(EnvironmentManager.getStartUpURL());
    } 

Anybody facing similar issue or have a solution for this?

Thanks!

I've an application which loads a plete website in the android webview. The native code in in the android project interacts with the webpage & vice-versa using the Android Jockey Library.

Everything works fine accept at one state I encounter the XMLHttpRequest cannot load ... Origin <url> is not allowed by Access-Control-Allow-Origin error. This happens when the website (that gets loaded in the webview) makes an ajax call to the back-end api.

my website is at m.mywebsite. which makes an ajax call to api.mywebsite. - notably two separate sub-domains, but this seems to work fine on iOS.

I'm testing this on Android v4.4.2. Have tested it by piling agains target sdk 15 and 19 but no difference.

I've applied most of the settings to my webview as follows:

webView = (WebView) findViewById(R.id.webView);
    webView.getSettings().setLoadWithOverviewMode(true);
    webView.getSettings().setBuiltInZoomControls(false);
    webView.getSettings().setJavaScriptEnabled(true);
    webView.getSettings().setDatabaseEnabled(true);
    webView.getSettings().setDomStorageEnabled(true);
    webView.getSettings().setAllowContentAccess(true);

    webView.getSettings().setAllowUniversalAccessFromFileURLs(true);
    webView.getSettings().setAllowFileAccessFromFileURLs(true);
    webView.getSettings().setAllowContentAccess(true);
    webView.getSettings().setAppCacheEnabled(true);

    if (Build.VERSION.SDK_INT < Build.VERSION_CODES.KITKAT) {
        webView.getSettings().setDatabasePath("/data/data/" + webView.getContext().getPackageName() + "/databases/");
    }

    webView.getSettings().setSupportZoom(false);
    webView.setWebChromeClient(new WebChromeClient());
    webView.setInitialScale(0);

And following is my jockey integration:

if (Utils.isNetworkAvailable(this)) {
        jockey = JockeyImpl.getDefault();
        jockey.configure(webView);
        webViewClient = new MyWebViewClient(this);
        jockey.setWebViewClient(webViewClient);

        setJockeyEvents();
        webView.loadUrl(EnvironmentManager.getStartUpURL());
    } 

Anybody facing similar issue or have a solution for this?

Thanks!

• javascript
• android
• ajax
• webview
• cross-domain

Share Improve this question Follow asked Jun 12, 2014 at 19:55 Mahendra LiyaMahendra Liya 13.2k1414 gold badges9494 silver badges115115 bronze badges 1

• Hi, where you able to resolve this?? We are trying to change the origin header for http and websocket calls from System WebView. So I think we have the same problem then you, did you resolve this? – Michael Burger Commented Aug 21, 2017 at 14:26

Add a ment  | 

2 Answers 2

Sorted by: Reset to default 4

Hi I think you need to set a setting for you web view. Actually this issue e with the devices greater than API level 16. Find the following code:

if (Build.VERSION.SDK_INT >= VERSION_CODES.JELLY_BEAN) {
  webView.getSettings().setAllowUniversalAccessFromFileURLs(true);
}

Hope it will work for you.

You may be able to solve this by sending an appropriate Access-Control-Allow-Origin header from the page on api.mywebsite. like so:

Access-Control-Allow-Origin: http://m.mywebsite.