No 'Access-Control-Allow-Origin' header is present...

When attempting to execute the following javascript:

var url = 'http://www.mywebsite.com/wp-content/private/data.json';
    
try {
      $.getJSON(url, function(result){
          console.log(result);
      });
} catch(e) {
      console.log(e);
}

Open in new window


I get this error: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://127.0.0.1:8080' is therefore not allowed access.

Here are the headers I am setting:
angular.module.config(['$httpProvider', function($httpProvider) {
        $httpProvider.defaults.headers.common = {'Access-Control-Allow-Origin': '*', 'Access-Control-Allow-Method': 'GET, POST'};
        $httpProvider.defaults.headers.post = {};
        $httpProvider.defaults.headers.put = {};
        $httpProvider.defaults.headers.patch = {};
        $httpProvider.defaults.useXDomain = true;
        $httpProvider.defaults.withCredentials = true;
        delete $httpProvider.defaults.headers.common['X-Requested-With'];
        $httpProvider.defaults.headers.common["Accept"] = "application/json";
        $httpProvider.defaults.headers.common["Content-Type"] = "application/json";
        }
    ]
)

Open in new window


What am I doing wrong?  Do I need to set something on the website?  If so what?
Thank you very much
Michael DavidAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David Johnson, CD, MVPOwnerCommented:
You need to add the header:
Access-Control-Allow-Origin *
or
Access-Control-Allow-Origin http://www.foo.com

Otherwise this is known as cross site scripting which is by default denied.  Since you are also not using a 'domain' in your instance you also have to
Access-Control-Allow-Origin http://127.0.0.1
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Julian HansenCommented:
Here are the headers I am setting:
Those are the headers sent from the client.
You need to add the headers, Dave has in his post, to your server response.
0
leakim971PluritechnicianCommented:
you need to add a plugin like this in your wordpess site (mywebsite.com) znf configure it :
https://github.com/jacopotarantino/WordPress-Cross-Domain-Plugin

/!\ you MUST limit site doing request to your wordpress site
0
Michael DavidAuthor Commented:
Thank you very much for your time and expertise.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Browsers

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.