Blog

How to control cross-domain access for browser-based apps

by on March 12, 2015

Backendless is not just a mobile backend – it also provides hosting and runtime support for browser-based applications. Indeed, we offer a fully-featured SDK for JavaScript apps. Unless you host your Backendless-powered app in our hosting system, you will be running into cross-origin domain requests. This occurs when an application is loaded into a browser from one host, but then it makes a request (XHR, socket, etc) to another host. In the case of Backendless, the second host would be the backend platform we provide.

To simplify the cross-origin setup, Backendless Console includes a special section where an application developer can list all the hostnames where the app may be loaded from. You can access that section on the Manage > App Settings screen and then scroll down to the Domain Control section:

The text field in the interface accepts the names of the hosts (domains) where your JavaScript app can be loaded by a browser. Enter the domain names or IP addresses (one per line), or use the * for all domains. Click Save to save the changes.