1 of 1 people found this helpful
Pretty much a given that it is because of lack of proper SSL certificate. The Rest API is only supposed to work through HTTPS. And if you use the standard cert that comes with FMS your 'caller' will receive an SSL warning when trying to make the connection.
Thank you. I've got a proper SSL certificate now and there's not much different. Is it possible to define the response headers the server gives to allow other origin domains to make requests?
2 of 2 people found this helpful
Thank you for your posts.
At this time, FileMaker Server purposefully disabled Cross Origin Scripting (CORS) to protect from cross-site scripting (XSS) attacks. I have attached your post to the original report. If more information becomes available, I will post again.
Just to add to the kb:
This is vitally important anytime something is published to the Internet (not just websites). Many ISP's forbid any and all URLs that are outside the calling domain (IP) - including ports and protocols. And with good reason!