Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 469
  • Last Modified:

Cross domain delete with jQuery

I have a node js server listening and parsing urls, functioning as an RESTful api. I am using this code to access a function using a delete request:

function DeleteJob(jobid, apiUrl) {
	if(adssApiUrl.slice(-1) == "/") apiUrl = apiUrl.substring(0, apiUrl.length - 1);
	$.ajax({
	    type: 'DELETE',
	    url: apiUrl + '/jobs/' + jobid,
	    async: false,
	    cache: false,
	    success: function(result) {
	        $('#' + jobid).fadeOut('slow', function() {
				$(this).remove();
			});
	    }
	});
}

Open in new window


I am getting:
XMLHttpRequest cannot load http://blablabla:443/jobs/521e09af525d4ed866000000. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://blablabla' is therefore not allowed access.

How do I do cross domain requests with jQuery so this will work? When I use the Advanced Rest Client plugin in Chrome, the request succeeds, so I guess the browser is not allowing my request while the plugin I am using does not have this kind of restriction.
0
itnifl
Asked:
itnifl
  • 3
  • 2
1 Solution
 
Alex EneCommented:
Try adding the {dataType:'jsonp'} to the ajax settings.
Also, could be slightly unrelated but you're doing request through port 443 which is HTTPS from a URL that starts with HTTP. Cross-protocol could also be an issue. Try using protocol-less URLs and have them declared throughout code like href="//blablabla/jobs/hashkey"
0
 
itniflAuthor Commented:
When using dataType:'jsonp', my delete request ends up as a get request at the node js api server, which in turn does not delete the record I am wanting to delete, but returns it in the json format.
0
 
Alex EneCommented:
Yes, true. Completely forgot about JSONP only working as GET requests.
JQuery documentation for ajax says that the type parameter although supports PUT/DELETE, not all browsers handle it very well. Assuming you are using Chrome though, so this is less likely the root cause. IE10+ though, according to caniuse has a problem with using different ports.

Are you sure the node.js server accepts the DELETE method? Check this out.
Maybe this helps a bit more.
Try showing us the HTTP headers.
0
 
itniflAuthor Commented:
I am very sure the server accepts a delete method. When using the "Advanced REST client" plugin for Chrome, I have no problem sending a delete request and getting the expected result.

I will have to come back to you on using CORS. I would guess that would be the solution.
0
 
itniflAuthor Commented:
Yes, CORS was the solution. Since I was using Express with nodejs, I used this guide in stead, short simple and right on spot:
http://bannockburn.io/2013/09/cross-origin-resource-sharing-cors-with-a-node-js-express-js-and-sencha-touch-app/

I placed app.use() in app.configure though:
app.configure(function () {
    app.use(enableCORS);
});
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now