Cross origin Blockage, which says CORS needs to be setup

I have setup CORS on my Dreamfactory Server. I have been developing with a app by using my local web server and reading in the swagger api to get access to dreamfactory. In the past I have been communicating with another server and receiving data back with ajax calls. All of a sudden I am now getting a message in the console that says “Cross Origin Request Blocked”.
I have two questions.

  1. Why now do I get this error after having success getting data back before.
  2. How do I fix it when my CORS is setup on my dreamfactory account.


Try adding an allowed host of * if you’re working locally. You might not be sending an origin with your requests if you’re on the desktop.

Thanks for your reply but yes. I am adding “*”. I did it on the dreamfactory cors setup and also my local apache configuration.



Could you tell me what environment you’re working in?


I am working on a MacOS. Lion.
Update, I added more time to the timeout and instead of using Header set, I used Header add and it seems to be working now.

Okay. So, it sounds like you the number of REST calls wasn’t the issue but related to the amount of time in which you performed these calls… fair assumption?


yes, The time increase fixed it but the error seemed like a CORES setup problem. I did setup CORS on my local apache server too.

Okay - sounds good.

Thanks man!



I have read this thread above and hoped that I will read something new.
I have the same problem right now, because my angularjs app cannot authenticate with the dreamfactory service.
I did everything required without succes.
- dsp_url - ok
- dsp_api_key - ok
- user has right for the services
- and finally the cors set up with *

I got this error every time:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at This can be fixed by moving the resource to the same domain or enabling CORS.

If I call the service with any json client I will get the right answer with the details of the user.

Please help me, I spent a lot of time with this problem.

Thank you.

Thank you, in testing we found an intermittent issue with CORS in the latest release, working on that, will update.

Well Jason I’m on version 1.7.8 Bitnami windows and have this problem. Just to be sure no platform left behind!

I don’t know what happened, but my error message changed to “Login request is missing required email.” (400)
All my login requests that worked before fine to other application give the same error message.
I tried with Curl and the same result:
curl -k -3 -X POST -H “X-DreamFactory-Application-Name: APP-NAME” -d “{ “email” : "”, “password” : “pass123” }";

Please help what I’m doing wrong.

As per, you need to be mindful of when to use single and double quotes.