All Ideas

Idea Details

Post an Idea
This idea has been delivered and can no longer be voted or commented on. If you’d like to add to this conversation, please post a new idea.
920  Points voting closed
Delivered in Winter 15
Idea is generally available.

Support of CORS (Cross-Origin Resource Sharing) in RESTful API

Salesforce Platform, Web Services API

Cross-Origin Resource Sharing (CORS) is the feature which enables user-agents controlled by the same-origin policy to access cross-origin server resources by explicitly allowing from serverside.

http://www.w3.org/TR/cors/

Supporting CORS is huge merit for HTML5 apps, especially mobile environment, which can now get OAuth token by User-Agent flow, and if CORS is enabled the apps can query directly to the Salesforce without any server-side proxy program.

I know Salesforce has crossdomain.xml to support cross-origin access from Flash-based web apps.
As it is already allowing such access, enabling CORS will not violating current security model.

 

· Flag

Latest Comment from Salesforce

  • IdeaExchange Moderator - 4 years ago

    With the Winter '15 release, you can use CORS to access Chatter Rest API.

    For more information, please reference the release notes:
    http://releasenotes.docs.salesforce.com/en-us/winter15/release-notes/rn_chatter_api_general.htm#cors
  • Upvotes
  • Downvotes

Ideas

Apps

from AppExchange

Questions

Help us to keep IdeaExchange clean by pointing out overlapping ideas. We'll investigate your suggestion and merge the ideas if it makes sense.



 

 

Thanks for your merge suggestion. We will review it shortly and merge the ideas if applicable.

Salesforce takes abuse situations very seriously. Examples of abuse include but are not limited to posting of offensive language or fraudulent statements. To help us process your request as quickly as possible, please fill out the form below describing the situation. For privacy and security reasons, the final outcome of an abuse case may not be revealed to the person who reported it.


 

Thank you for your feedback. We take abuse seriously and will investigate this issue and take appropriate action.