Solved

Cannot Obtain the Response Message of a jQuery AJAX call (JSON request)

Posted on 2011-02-18
7
1,409 Views
Last Modified: 2012-05-11
In the attached piece of AJAX call through JSON request, I get an alert message saying "Status: success" but cannot get the response message somehow. We are inclined to use the Webservice call request with PHP and AJAX.

However, we do get the response text if tried through RESTClient or POSTER, attached an example screenshot.

Could someone please help?
<script type="text/javascript" src="/scripts/jquery-1.4.2.min.js"></script>
<script type="text/javascript">
$.ajax({
    type: 'POST',
    url: 'http://site-name.net:8095/WebService/purchase/markPurchase',
    dataType: 'json',
    contentType: 'application/json; charset=utf-8',
    data: '{"authorizationToken":"xyz=","purchaseKey":"testmsg", "identifier":"1","purchaseType":"2"}',
    success: function(data, resultState) {
        if (!resultState) {
            alert('No result found!');
        } else {
            alert('Status: ' + resultState);
        }
    },
    error: function(xhr) {
        alert(xhr.statusText);
    },
    complete:function() {
        //
    }
});
</script>

Open in new window

poster-webservice-response.PNG
0
Comment
Question by:ldbkutty
7 Comments
 
LVL 22

Expert Comment

by:Ivo Stoykov
Comment Utility
check what type of response is returned - xml, html, json...
0
 
LVL 40

Expert Comment

by:gurvinder372
Comment Utility
can you share the output of alert(data); in the else section of success handler?

How did you know if you are not getting the response?
0
 
LVL 32

Author Comment

by:ldbkutty
Comment Utility
With Chrome firebug console, got this error message...

XMLHttpRequest cannot load http://site_name:8095/ECMWebService/purchase/markPurchase. Origin https://www.xyz.com is not allowed by Access-Control-Allow-Origin.

May be the server is thinking that am trying to hack the server through cross-site scripting. http://en.wikipedia.org/wiki/XMLHttpRequest#Cross-domain_requests

If the site_name can whitelist our "xyz" domain in the Access-Control-Allow-Origin setting of web-server, will it be good? I am exploring the Access-Control-Allow-Origin property right now ....
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 
LVL 82

Expert Comment

by:leakim971
Comment Utility
You need to use a proxy, cross domain ajax call is not allowed for security purpose, for example this one : http://www.daniweb.com/code/snippet216729.html
0
 
LVL 32

Author Comment

by:ldbkutty
Comment Utility
the proxy was a great idea, but it also results in the following error:

Failed to load resource: the server responded with a status of 405 (Method Not Allowed) proxy.php?proxy_url=site_name.net:8095/ECMWebService/purchase/markPurchase
0
 
LVL 82

Expert Comment

by:leakim971
Comment Utility
the proxy_url is a full url (encoded with encodeURIComponent : http://xkr.us/articles/javascript/encode-compare/)  http:
$.ajax({
    type: 'POST',
    url: 'proxy.php?proxy_url=' + encodeURIComponent( "http://site-name.net:8095/WebService/purchase/markPurchase" ),

Open in new window

0
 
LVL 6

Accepted Solution

by:
jjperezaguinaga earned 500 total points
Comment Utility
Greetings ldbkutty,

Please feel free to research about CORS (Cross-Origin Resource Sharing) and XML HTTP Request Level 2. This is already a W3C working draft.

http://www.w3.org/TR/cors/
http://www.w3.org/TR/XMLHttpRequest2/

Unluckily, XML HttpRequest Level 2 is still not supported as part of the jquery library so you would need to do some code by yourself. However, I think for this case, giving a quick read to CORS will be enough to solve your problem.

Best regards,
-JJ

0

Featured Post

Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

Join & Write a Comment

The Confluence of Individual Knowledge and the Collective Intelligence At this writing (summer 2013) the term API (http://dictionary.reference.com/browse/API?s=t) has made its way into the popular lexicon of the English language.  A few years ago, …
Nothing in an HTTP request can be trusted, including HTTP headers and form data.  A form token is a tool that can be used to guard against request forgeries (CSRF).  This article shows an improved approach to form tokens, making it more difficult to…
The viewer will learn how to count occurrences of each item in an array.
The viewer will learn how to create and use a small PHP class to apply a watermark to an image. This video shows the viewer the setup for the PHP watermark as well as important coding language. Continue to Part 2 to learn the core code used in creat…

772 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now