I have added dataType: 'jsonp' and it works!
$.ajax({
type: 'POST',
crossDomain: true,
dataType: 'jsonp',
url: '',
success: function(jsondata) {
}
})if your using ajax, to retrieve and display data your header would look like this,
$.ajax({
url: '',
headers: {
'Access-Control-Allow-Origin': 'http://The web site allowed to access'
},
data: data,
type: 'dataType',
/* etc */
success: function(jsondata) {
}
})If you are using NodeJs for your server side, just add these to your route and you will be Ok
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");Your route will then look somehow like this
router.post('/odin', function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
return res.json({
Name: req.body.name,
Phone: req.body.phone
});
});Client side for Ajax call
var sendingData = {
name: "Odinfono Emmanuel",
phone: "1234567890"
}
<script>
$(document).ready(function(){
$.ajax({
url: 'http://127.0.0.1:3000/odin',
method: 'POST',
type: 'json',
data: sendingData,
success: function (response) {
console.log(response);
},
error: function (error) {
console.log(error);
}
});
});
</script>
Run the following command to confirm the origin server returns the Access-Control-Allow-Origin header. Replace example.com with the required origin header. Replace https://www.example.net/video/call/System.generateId.dwr with the URL of the resource that's returning the header error.,If the CORS policy allows the origin server to return the Access-Control-Allow-Origin header, you see a response similar to the following:,Under Cache key settings, for Headers, select Include the following headers. From the Add header dropdown list, choose one of the headers required by your origin.,To forward the headers to the origin server, CloudFront has two pre-defined policies depending on your origin type: CORS-S3Origin and CORS-CustomOrigin.
curl - H "Origin: example.com" - v "https://www.example.net/video/call/System.generateId.dwr"HTTP / 1.1 200 OK
Server: nginx / 1.10 .2
Date: Mon, 01 May 2018 03: 06: 41 GMT
Content - Type: text / html
Content - Length: 3770
Last - Modified: Thu, 16 Mar 2017 01: 50: 52 GMT
Connection: keep - alive
ETag: "58c9ef7c-eba"
Access - Control - Allow - Origin:
example.com
Accept - Ranges: bytesAugust 10, 2022 , August 11, 2022 , August 24, 2022 , August 25, 2022
GET / widgets / HTTP / 1.1
Host: api.mydomain.com
Origin: https: //www.mydomain.com
[Rest of request...]HTTP / 1.1 200 OK
Access - Control - Allow - Origin: https: //www.mydomain.com
Content - Type: application / json[Rest of response...]OPTIONS / widgets / HTTP / 1.1
Host: api.mydomain.com
Origin: https: //www.mydomain.com
Access - Control - Request - Method: POST
Access - Control - Request - Headers: Authorization, Content - Type[Rest of request...]HTTP / 1.1 200 OK
Access - Control - Allow - Origin: https: //www.mydomain.com
Access - Control - Allow - Methods: POST, GET, OPTIONS
Access - Control - Allow - Headers: Authorization, Content - Type
Content - Type: application / json[Rest of response...]POST / widgets / HTTP / 1.1
Host: api.mydomain.com
Authorization: 1234567
Content - Type: application / json
Origin: https: //www.mydomain.com
[Rest of request...]HTTP / 1.1 200 OK
Access - Control - Allow - Origin: https: //www.mydomain.com
Content - Type: application / json[Rest of response...]You can just put the Header set Access-Control-Allow-Origin * setting in the Apache configuration or htaccess file.,XMLHttpRequest cannot load http://nqatalog.negroesquisso.pt/login.php. Origin http://localhost:8888 is not allowed by Access-Control-Allow-Origin., Hello @kartik, Access-Control-Allow-Headers does not allow * as accepted value. Instead of ...READ MORE,It should be noted that this effectively disables CORS protection, which very likely exposes your users to attack. If you don't know that you specifically need to use a wildcard, you should not use it, and instead you should whitelist your specific domain:
The easiest way to handle this if you have control of the responding server is to add a response header for:
Access - Control - Allow - Origin: *
This will allow cross-domain Ajax. In PHP, you'll want to modify the response like so:
< ? php header('Access-Control-Allow-Origin: *'); ? >It should be noted that this effectively disables CORS protection, which very likely exposes your users to attack. If you don't know that you specifically need to use a wildcard, you should not use it, and instead you should whitelist your specific domain:
< ? php header('Access-Control-Allow-Origin: http://example.com') ? >18th April 202013th November 2021,20th October 202029th November 2021,21st November 202013th November 2021,12th November 202112th November 2021
This is the request code:
$.ajax({
type: "POST",
dataType: 'text',
url: api,
username: 'user',
password: 'pass',
crossDomain: true,
xhrFields: {
withCredentials: true
}
})
.done(function(data) {
console.log("done");
})
.fail(function(xhr, textStatus, errorThrown) {
alert(xhr.responseText);
alert(textStatus);
});It’s very simple to solve if you are using PHP. Just add the following script in the beginning of your PHP page which handles the request:
< ? php header('Access-Control-Allow-Origin: *'); ? >If you are using Node-red you have to allow CORS in the node-red/settings.js file by un-commenting the following lines:
// The following property can be used to configure cross-origin resource sharing
// in the HTTP nodes.
// See https://github.com/expressjs/cors#configuration-options for
// details on its contents. The following is a basic permissive set of options:
httpNodeCors: {
origin: "*",
methods: "GET,PUT,POST,DELETE"
},Then include the Flask cors in your application.
from flask_cors
import CORSA simple application will look like:
from flask
import Flask
from flask_cors
import CORS
app = Flask(__name__)
CORS(app)
@app.route("/")
def helloWorld():
return "Hello, cross-origin-world!"