Hy there,
I'm implementing a bookmarklet that needs to post some XMLHttpRequests to a php-script which is done via JQuery.
Basically this is looking something like this (just simple examples...):
Javascript:
$.post('https://www.myserver.com/script.php').always(function(data) {
console.warn('data:', data);
}
script.php:
<?php
header('Access-Control-Allow-Origin: *');
$res["isSession"] = false;
echo json_encode($res);
At first this wasn't working at all because of the null-origin but after I've seen this post I added the "header('Access-Control-Allow-Origin: *');" line.
With this line it's at least working when i execute the script on a locally installed Apache.
Unfortunately as soon as i try to execute it on my online site that is located on a shared host it doesn't work but gives me "XmlHttpRequest error: Origin null is not allowed by Access-Control-Allow-Origin" error message.
On the shared host it's also Apache running. Could this be caused by some Apache-config? If yes, which one?
What else could be the problem and how can i resolve it?
Thanks
ps.: If i explicitly use jsonp as datatype for the jquery-post it's working, but therefore I'd have to rewrite some php files and some other javascripts that use them too. Therefore I'd like to avoid this option if possible...
edit: I just found out that the php file on the online server is inside a directory that is "locked" with a htaccess-file. If i move the php file to a directory that is accessible for everyone i don't get the mentioned error message.
Does anybody now how i can circumvent this problem? Putting the php file to an publicly accessible directory wouldn't be exactly my preferred option...
