Solved

No 'Access-Control-Allow-Origin' header is present...

Posted on 2016-09-11
4
185 Views
Last Modified: 2016-09-13
When attempting to execute the following javascript:

var url = 'http://www.mywebsite.com/wp-content/private/data.json';
    
try {
      $.getJSON(url, function(result){
          console.log(result);
      });
} catch(e) {
      console.log(e);
}

Open in new window


I get this error: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://127.0.0.1:8080' is therefore not allowed access.

Here are the headers I am setting:
angular.module.config(['$httpProvider', function($httpProvider) {
        $httpProvider.defaults.headers.common = {'Access-Control-Allow-Origin': '*', 'Access-Control-Allow-Method': 'GET, POST'};
        $httpProvider.defaults.headers.post = {};
        $httpProvider.defaults.headers.put = {};
        $httpProvider.defaults.headers.patch = {};
        $httpProvider.defaults.useXDomain = true;
        $httpProvider.defaults.withCredentials = true;
        delete $httpProvider.defaults.headers.common['X-Requested-With'];
        $httpProvider.defaults.headers.common["Accept"] = "application/json";
        $httpProvider.defaults.headers.common["Content-Type"] = "application/json";
        }
    ]
)

Open in new window


What am I doing wrong?  Do I need to set something on the website?  If so what?
Thank you very much
0
Comment
Question by:Michael David
4 Comments
 
LVL 80

Accepted Solution

by:
David Johnson, CD, MVP earned 500 total points
ID: 41793603
You need to add the header:
Access-Control-Allow-Origin *
or
Access-Control-Allow-Origin http://www.foo.com

Otherwise this is known as cross site scripting which is by default denied.  Since you are also not using a 'domain' in your instance you also have to
Access-Control-Allow-Origin http://127.0.0.1
0
 
LVL 56

Expert Comment

by:Julian Hansen
ID: 41793823
Here are the headers I am setting:
Those are the headers sent from the client.
You need to add the headers, Dave has in his post, to your server response.
0
 
LVL 82

Expert Comment

by:leakim971
ID: 41793839
you need to add a plugin like this in your wordpess site (mywebsite.com) znf configure it :
https://github.com/jacopotarantino/WordPress-Cross-Domain-Plugin

/!\ you MUST limit site doing request to your wordpress site
0
 

Author Closing Comment

by:Michael David
ID: 41795749
Thank you very much for your time and expertise.
0

Featured Post

Resolve Critical IT Incidents Fast

If your data, services or processes become compromised, your organization can suffer damage in just minutes and how fast you communicate during a major IT incident is everything. Learn how to immediately identify incidents & best practices to resolve them quickly and effectively.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I annotated my article on ransomware somewhat extensively, but I keep adding new references and wanted to put a link to the reference library.  Despite all the reference tools I have on hand, it was not easy to find a way to do this easily. I finall…
Boost your ability to deliver ambitious and competitive web apps by choosing the right JavaScript framework to best suit your project’s needs.
The viewer will learn the basics of jQuery including how to code hide show and toggles. Reference your jQuery libraries: (CODE) Include your new external js/jQuery file: (CODE) Write your first lines of code to setup your site for jQuery…
This Micro Tutorial will demonstrate how nuggets on the Web are formatted by using Chrome Developer Tools. These tools would not only view the site's CSS but it can also modify it and save the CSS to use on your own site.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question