ROServer - how to add CORS support?

Hi, currently i have a javascript program hosting in my server eg need to access the ROServer located at

I am facing the CORS problem and would like to check how to enable the CORS in ROServer. Below is the error message from google chrome:

XMLHttpRequest cannot load http://bbb:8090/json. No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘’ is therefore not allowed access.


Hi, manage to find the property and now the error become

XMLHttpRequest cannot load http://bbb:8090/json. Request header field x-token is not allowed by Access-Control-Allow-Headers.



Which code and browser are used to send the request?

in my javascript apps, i have below setting for all my ajax. it is due to my API server required send in x-token for every single request. Since i am using the same apps to connect to ROServer, that is why the same header also send by ajax when consume the ROServer.

// defauld ajax call setting
contentType: “application/json; charset=utf-8”,
dataType: “json”,
beforeSend: function (xhr) {
xhr.setRequestHeader(‘x-token’, passKey);


Thank you for the issue explanation. It is caused by a header not present in the standard headers set being allowed by the default CORS response.
We’ll improve the CORS management API to allow custom sets of headers to be returned for CORS requests.

Please send a mail to support@ with your account name so we’ll provide you a Beta or pre-Beta build once the issue is fixed.

Thanks in advance