1

I am trying to login to my wordpress site using ajax call, which i asked in previous question. It should not respond anything back. But whenever i call this ajax function, Firefox(firebug) is showing 200 OK in red. This must be a cross domain issue. Tried too many things but no luck so far. Here is the code:

$.ajax({
         type: "POST",
         url: "http://path-to-wordpress/wp-login.php",
         data:myData
         success: function(data){

         },
        error: function (xhr, ajaxOptions, thrownError) {

        }   
});

Any suggestion will be appreciated.

Community
  • 1
  • 1
Muhammad Zeeshan
  • 8,722
  • 10
  • 45
  • 55
  • 1
    are you trying from two different domains? – Muthu Kumaran Nov 01 '12 at 10:02
  • If you want to login to your worldpress which is hosted on another server, I can suggest you another method, not through ajax – Tariq Aziz Nov 01 '12 at 10:02
  • possible duplicate of [Ways to circumvent the same-origin policy](http://stackoverflow.com/questions/3076414/ways-to-circumvent-the-same-origin-policy) – Quentin Nov 01 '12 at 10:04
  • You JS code is wrong. You can't name a variable as `my-data` and a missing `,` after my-data. – Muthu Kumaran Nov 01 '12 at 10:06
  • 1
    @Muthu Kumaran both are sub domain to each other like one is like abc.com and other is like dev.abc.com – Muhammad Zeeshan Nov 01 '12 at 10:06
  • Sorry it may be unrelated but sometimes its very efficient for me to Do something like the following, you need to find the wp form action with a full path and form html. $formHtml = '
    '; echo $formHtml;exit;     – Tariq Aziz Nov 01 '12 at 10:07
  • @TariqAziz: I have already tried this, but it gives the same error too. – Muhammad Zeeshan Nov 01 '12 at 10:09

4 Answers4

2

I assume your JS code is on abc.com and your wordpress site is dev.abc.com.

To fix cross domain issue, just add the following code to .htaccess file to your wordpress site (dev.abc.com)

SetEnvIf Origin "^http(s)?://(.+\.)?(abc\.com)$" origin_is=$0 
Header always set Access-Control-Allow-Origin %{origin_is}e env=origin_is

Just replace (abc\.com) with a proper site name. For eg: (google\.com) or (yahoo\.com)

Muthu Kumaran
  • 17,682
  • 5
  • 47
  • 70
  • Actually the Zend application is on dev.abc.com and wordpress is on abc.com. i know its weird, but the wordpress was built and already installed by another company for this client, and now I have this project. – Muhammad Zeeshan Nov 01 '12 at 10:16
  • can you able to add that piece of code to the wordpress site? – Muthu Kumaran Nov 01 '12 at 10:19
1

Set the dataType to JSONP, in your ajax call and it will work cross-domain

For refrence ot ajax call visit jQuery Ajax

Ravi
  • 2,078
  • 13
  • 23
1

There is property named crossDomain of $.ajax. Please set it to true.

ahad_noor
  • 21
  • 2
0

You need to add CORS headers in you wp-login.php page.

Here's how to do it

But given the nature of the page, be extra cautious : don't allow all origins (*) but only your site. If you allow all, your users could have their login info stolen.

Denys Séguret
  • 372,613
  • 87
  • 782
  • 758