json ,webservice "undefine error"

Question

 function authonticate() {            
      $.ajax({
        type: "POST",
    url: "http://lp18mobile.azurewebsites.net/LP18WS.asmx/AuthonticateUser",
              contentType: "application/jsonp; charset=utf-8",
            data: {
               "some data"
            },               
            dataType: "json",
            success: function (msg) {
               //success
              }
            },
            error: function (msg) {
               //error
            },
        });
    }

i have used Jquery,json,html5,webservice to develop the application.

When I run the app it will throw

undefined error at "XMLHttpRequest cannot load http://lp18mobile.azurewebsites.net/LP18WS.asmx/AuthonticateUser. 
Origin http://'localhost:5733/..' is not allowed by Access-Control-Allow-Origin."

why?

Answer 1

Your code is actually attempting to make a CORS request, not an ordinary POST.

Modern browsers will only allow Ajax calls to pages in the same domain as the source HTML page.

In other words, whenever the HTML page that tries to make an Ajax request is not on the same domain as the target URL (in your case, lp18mobile.azurewebsites.net:80), the browser won't make the call (as you'd expect). Instead, it will try to make a CORS request. Bear in mind that, for the browser, localhost:80 and localhost:5733 (same host, but different ports) are different domains.

CORS request? What is that?

Wikipedia says: Cross-origin resource sharing (CORS) is a mechanism that allows a web page to make XMLHttpRequests to another domain. Such "cross-domain" requests would otherwise be forbidden by web browsers, due to the same origin security policy.

To put it shortly, to perform a CORS request, your browser:

• Will first send an OPTION request to the target URL
  • That's how it found out that Origin ... is not allowed by Access-Control-Allow-Origin.
• And then only if the server response to that OPTION contains the adequate headers (Access-Control-Allow-Origin is one of them) to allow the CORS request, the browser will perform the call (almost exactly the way it would if the HTML page were at the same domain).
  • If the expected headers don't come, the browser simply gives up (like it did to you).

How to make it work?

If you can't change the web service or the HTTP server where it is hosted: There is nothing you can do about it other than deploying that HTML file in a server located at the same domain of the service (in your scenario, lp18mobile.azurewebsites.net:80).

If you do can change the web service: To enable CORS in ASP.NET web services, you can just add the headers by adding the following line to your source pages:

Response.AppendHeader("Access-Control-Allow-Origin", "*");

But this is just a workaround to get you started. You really should get to know more about the CORS headers. More details in: Using CORS to access ASP.NET services across domains

If you do can change the HTTP server of the web service: Check this link to see how you can do it on Apache. Click here to learn how to enable it in IIS7 or here to make it in IIS6.

How about JSONP?

To use JSONP in this scenario, you'd have to change the service to return information via GET, as you can't POST using JSONP. (This answer points to some hacks, but that's going too far, I think.)

I don't have access to the HTTP server or the web service. No workarounds at all, then?

There are some options, but none of them is a clean workaround, really. You could set up an application (at the same domain/port of your HTML file) that forwards every TCP/IP request to lp18mobile.azurewebsites.net:80, and then fool your browser. Or you could set up a mirror of that web service in you domain/port. You see, it all becomes too dirty from this point on.

Answer 2

Your data type should be dataType:"jsonp"

Answer 3

Misspelled contentType: "application/jsonp; charset=utf-8"
Replace it by:
contentType: "application/json; charset=utf-8"