I have the newly released Philips Hue bridge and I'm trying to control it from my browser by sending JSON requests to it. I am using a third party 'helper' api just to make things a little easier - but it's irrelevant which one because underneath it is just sending a regular PUT request. I am just using Chrome to run the JS locally (on a local webserver).
PUT http://192.168.1.86/api/2e51aa2362f1a416d8eab4816b669eb/lights/16/state
{ on: true }
The problem is I am receiving back the following CORS error:
XMLHttpRequest cannot load http://192.168.1.86/api. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://example.com' is therefore not allowed access.
This makes perfect sense - and I understan what's doing on - after all I am trying to make a PUT request to a remote server and as a result my browser is prohibiting me. However I obviously can't change the code on the hub.
Is there any solution to this? I see that a while ago that Philips needed to do something similar on their own website to allow for cross domain access.
I can find very little information about this out there - and I'm not sure if Philips recently changed something. The fact that third party JS APIS don't even mention this makes me believe that Philips may have changed something (I found a third party webapp which has this same problem).
Edit:
These are the headers coming back:
HTTP/1.1 200 OK
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Expires: Mon, 1 Aug 2011 09:00:00 GMT
Connection: close
Access-Control-Max-Age: 3600
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE, HEAD
Access-Control-Allow-Headers: Content-Type
Content-type: text/html
Content-Length: 0
