1

I have tried to implement a cross-domain AJAX request, based on this answer.

http://jsfiddle.net/PXSMQ/1/

I have added the following headers:

header('Access-Control-Allow-Origin:  *');
header('Access-Control-Allow-Methods: POST, GET, OPTIONS');
header('Access-Control-Max-Age: 1000');
header('Access-Control-Allow-Headers: Content-Type');
header("Access-Control-Allow-Headers: x-requested-with");
header('Access-Control-Allow-Headers: x-csrf-token');

But I still get this error:

XMLHttpRequest cannot load http://www.belardi.ro/userTrack/addData.php. Origin http://fiddle.jshell.net is not allowed by Access-Control-Allow-Origin.
Community
  • 1
  • 1
XCS
  • 23,776
  • 24
  • 82
  • 135

2 Answers2

3

The Access Control headers have to be configured on the server that you're sending your request to. You can't set them yourself. If the server you're sending your request to is not configured appropriately you won't be able to make these requests.

  • This headers are set on the server, inside the `addData.php` file. – XCS Jun 19 '13 at 10:07
  • Can you post the HTTP request headers and the server responses? I don't mean here the PHP code - I mean the actual headers being sent back and forth. –  Jun 19 '13 at 10:20
1

Those headers are not appearing in the response from addData.php:

david@raston ~ $ curl -i -d 'some=json' http://www.belardi.ro/userTrack/addData.php
HTTP/1.1 200 OK
Date: Wed, 19 Jun 2013 10:12:35 GMT
Server: LiteSpeed
Connection: close
X-Powered-By: PHP/5.2.14
Content-Type: text/html
Content-Length: 16
Vary: User-Agent

Invalid page url~ :
Quentin
  • 800,325
  • 104
  • 1,079
  • 1,205