When writing HTML Webresources, I will frequently host the html page on a local development server (e.g. localhost:8777) and make calls to the CRM server on a different port (e.g. localhost:5555). I do this to speed up the debug process since there is no need to deploy the webresource so that it is hosted inside Dynamics CRM. Now that UR12 has introduced cross browser support, the same technique is needed for other browsers.
Since Chrome enforces cross domain checks even for localhost on different ports – I received the following error when trying to call the SDK webservices:
XMLHttpRequest cannot load http://localhost:5555/OrgName/XRMServices/2011/Organization.svc/web. Origin http://localhost:8777 is not allowed by Access-Control-Allow-Origin.
Fortunately, Fiddler has the answer:
1) First Install and run Fidder2 (www.fiddler2.com)
2) Open the 'FiddlerScript' tab and locate the 'OnBeforeResponse' function.
3) Paste the following at the end of the function:
oSession.oResponse.headers.Add("Access-Control-Allow-Headers","origin, soapaction, content-type");
if ((oSession.responseCode == 400) && (oSession.oRequest.headers["Access-Control-Request-Method"]=="POST"))
oSession.responseCode = 200;
Note: Makes sure you put your own port number in the Origin parameter.
4) Click 'Save Script'
You requests will now not be blocked by the cross domain policy since Chrome thinks that the server is explicitly allowing the requests to come from a different domain.