HTML page will not complete an XMLHTTPRequest

Question

So I'm trying to get an outside script to complete a login request using XMLHTTPRequest.

The error I'm getting is XMLHttpRequest cannot load http:///.php. Origin http://* is not allowed by Access-Control-Allow-Origin.

Now I've grown quite familiar with this post: XmlHttpRequest error: Origin null is not allowed by Access-Control-Allow-Origin

And from what I understand I need to request it as a JSONP object. The problem with that, is I'm using an XMLHTTPRequest and cannot use the jQuery library to do that.

Here's my code from the html page I'm trying to execute the script from:

<html>
<head>
<meta http-equiv="Access-Control-Allow-Origin" content="*">
<script language = "javascript" type="text/javascript" src="jquery-1.7.2.js">
</script>
<script language = "javascript" type="text/javascript" src="main.js">
</script>
<script type="text/javascript">
function show_prompt()
  {
    var name=prompt("User Name");
    var password =prompt("Password"); 
    var loginWorked = false;
    if (name!=null && name!="") loginWorked = init(name,password);
if(loginWorked == true){
    window.location = "Toolbar.html"
}
}
</script>
</head>
<body>
<input type="button" onclick="show_prompt()" value="Login" />
</body>
</html>

And the code from my main file:

The init function:

function init(username,password){
    //Initializes the toolbar.

init.user = username;
init.pass = password;
init.pass_hashed = sha256(init.pass);
var key = fetchKey(username);
init.pass_hashed += key;
init.pass_hashed = sha256(init.pass_hashed);
var loginParams = "login=1&pwd=" + init.pass_hashed + "&uname=" + init.user + "&LastKey=" + getKey();
loginReqReturn = send_request("http://data.nova-initia.com/login2.php","POST", loginParams);
if(loginReqReturn.responseText != "Error: Login Incorrect "){
    return true;
}
else return false;

}

And the sendRequest method:

function send_request(theURL, theMethod, theParams)
{
var theReq = new XMLHttpRequest();
theReq.overrideMimeType("application/json");
theReq.open(theMethod,theURL,false);
if(typeof(theParams) === "string")
{
    theReq.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
}
else
{
    theReq.setRequestHeader("Content-type", "application/json");
    theParams = JSON.stringify(theParams);
}
if(_key) theReq.setRequestHeader("X-NOVA-INITIA-LASTKEY", _key);
if(theParams)
{
    theReq.send(theParams);
}
setKey(theReq);
return theReq;

}

Not the most efficient code, but it at least works when I execute it in a non-HTML context (I'm working on a toolbar for Google Chrome, but need the html overlay to work). Any help is much appreciated.

Do you think you can only do those type of requests with jQuery? — epascarello, Apr 18 '12 at 22:40

score 0 · Answer 1 · answered Apr 18 '12 at 22:14

0

I'm not sure what your exact question is, but if you know that using JSONP is the solution that you can do that without using jQuery. Here's how it works: http://en.wikipedia.org/wiki/JSONP

answered Apr 18 '12 at 22:14

Koen Peters

12,798
6
36
59

Jonathan Lonowski · Answer 2 · 2012-04-18T22:55:04.717

0

If this is for a Google Chrome Extension, you can request permissions for cross-origin XMLHttpRequest requests within the extension's manifest:

{
  ...
  "permissions": [
    "http://data.nova-initia.com/"
  ],
  ...
}

edited Apr 18 '12 at 22:55

answered Apr 18 '12 at 22:46

Jonathan Lonowski

121,453
34
200
199

HTML page will not complete an XMLHTTPRequest

2 Answers2