{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 旧人旧事旧时光 的问题《Access-Control-Allow-Origin error sending a jQuery》','https://www.manongdao.com/q-6767.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I read a lot for the 'Access-Control-Allow-Origin' error, but I don't understand what I have to fix :(
I'm playing with Google Moderator API, but when I try to add new serie I receive:
XMLHttpRequest cannot load
https://www.googleapis.com/moderator/v1/series?key=[key]
&data%5Bdescription%5D=Share+and+rank+tips+for+eating+healthily+on+the+cheaps!
&data%5Bname%5D=Eating+Healthy+%26+Cheap
&data%5BvideoSubmissionAllowed%5D=false.
Origin [my_domain] is not allowed by Access-Control-Allow-Origin.
I tried with and without callback parameter, I tried to add 'Access-Control-Allow-Origin *' to the header. And I don't know how to use $.getJSON here, if apply, because I have to add the Authorization header and I don't know how to do it without beforeCall from $.ajax :/
Any light for this darkness u.u?
That's the code:
<script src="http://www.google.com/jsapi"></script>
<script type="text/javascript">
var scope = "https://www.googleapis.com/auth/moderator";
var token = '';
function create(){
if (token == '')
token = doCheck();
var myData = {
"data": {
"description": "Share and rank tips for eating healthily on the cheaps!",
"name": "Eating Healthy & Cheap",
"videoSubmissionAllowed": false
}
};
$.ajax({
url: 'https://www.googleapis.com/moderator/v1/series?key='+key,
type: 'POST',
callback: '?',
data: myData,
datatype: 'application/json',
success: function() { alert("Success"); },
error: function() { alert('Failed!'); },
beforeSend: setHeader
});
}
function setHeader(xhr) {
xhr.setRequestHeader('Authorization', token);
}
function doLogin(){
if (token == ''){
token = google.accounts.user.login(scope);
}else{
alert('already logged');
}
}
function doCheck(){
token = google.accounts.user.checkLogin(scope);
return token;
}
</script>
...
...
<div data-role="content">
<input type="button" value="Login" onclick="doLogin();">
<input type="button" value="Get data" onclick="getModerator();">
<input type="button" value="Create" onclick="create();">
</div><!-- /content -->
In my case the sub domain name causes the problem. Here are details
I used
app_development.something.com, here underscore(_) sub domain is creating CORS error. After changingapp_developmenttoapp-developmentit works fine.I had exactly the same issue and it was not cross domain but the same domain. I just added this line to the php file which was handling the ajax request.
It worked like a charm. Thanks to the poster
If you have this error trying to consume a service that you can't add the header
Access-Control-Allow-Origin *in that application, but you can put in front of the server a reverse proxy, the error can avoided with a header rewrite.Assuming the application is running on the port 8080 (public domain at www.mydomain.com), and you put the reverse proxy in the same host at port 80, this is the configuration for Nginx reverse proxy:
I solved the Access-Control-Allow-Origin error modifying the dataType parameter to dataType:'jsonp' and adding a crossDomain:true
Yes, the moment jQuery sees the URL belongs to a different domain, it assumes that call as a cross domain call, thus
crossdomain:trueis not required here.Also, important to note that you cannot make a synchronous call with
$.ajaxif your URL belongs to a different domain (cross domain) or you are using JSONP. Only async calls are allowed.Note: you can call the service synchronously if you specify the
async:falsewith your request.