Do phonegap applications require any CORS changes (like setting Access-Control-Allow-Origin:*) to work? I have a restful API hosted on Heroku and was wondering whether I need to set this header in order for my phonegap application to call the service?
I was thinking that because the phonegap application isn't really hosted on a domain, then CORS isn't required and I won't get any cross domain issues?
It would be great if someone could explain to me why this is or isn't the case.
PhoneGap you can just XHR directly to remote servers and it should "just work". Cross-domain policy does not apply to PhoneGap (for a variety of reasons, basically because your app is essentially running off the file:// URI on-device).
Please be aware that you will have to set up a whitelist for your apps to access these external domains. Please check this link: