0

This relates to https://stackoverflow.com/a/10143166/2360569, but I haven't gotten the accepted answer to work.

I am simply making an ajax request from a client script, which works locally but not on a test server.

ClientScript.js:

var AppViewModel = function () {
var self = this;

self.Refresh = function () {
    $.ajax({
        url: "http://localhost/AppName/ControllerName/GetData",
        type: 'GET',
        contentType: 'application/json; charset=utf-8',
        success: function (data, textStatus, jqXHR) {
            //do stuff
        },
        error: function (jqXHR, textStatus, errorThrown) {
            //should do something here
        },
        complete: function (jqXHR, textStatus) {
            //other stuff
        }
    });
}

For my MVC web service, I added this function to the global.asax.cs:

    protected void Application_BeginRequest(object sender, EventArgs e)
    {
        HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", "http://localhost");
        HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", "http://testdev");
    }

I am still getting this error message when I deploy to the "testdev" server:

XMLHttpRequest cannot load http://localhost/AppName/ControllerName/GetData.
Origin http://testdev is not allowed by Access-Control-Allow-Origin.

What am I missing here?

Community
  • 1
  • 1
Chronozoa
  • 310
  • 6
  • 10

1 Answers1

2

You're using an absolute url (http://localhost/AppName/ControllerName/GetData), what is only valid on your local environment. Change it to something like this 

url: "/AppName/ControllerName/GetData",
Claudio Redi
  • 67,454
  • 15
  • 130
  • 155
  • @Erlend: that's not cross domain as it's relative to the current domain. Not sure why you say that. – Claudio Redi Jul 02 '13 at 15:30
  • @ClaudioRedi: That was my point. Chronozoa is trying to figure out how to get Access-Control-Allow-Origin working, and the answer here is not using cross domain requests. So you could just drop the entire header. – Erlend Jul 03 '13 at 11:54
  • @Erlend: I'm afraid you're totally wrong, he's not trying to access a cross domain resource, he's trying to know why he was getting this error. Also, take into account that he marked the question as resolved and said "Thanks, this fixed it!" – Claudio Redi Jul 03 '13 at 12:33
  • 2
    @ClaudioRedi: In which case, the question title is pointless as that header is intended for Cross domain requests. He should then just drop what's in global.asax.cs as it's not needed for same origin requests. – Erlend Jul 04 '13 at 06:52
  • @Erlend: I don't know what we're discussing here... have you noticed that he deployed to a different environment a link pointing to `localhost`???? That's the problem and what he needed to address first of all. If you have any other concern or suggestion, contact the user who did the question. – Claudio Redi Jul 04 '13 at 12:16
  • @ClaudioRedi: Yes, I noticed. I'm saying he does not need the Access-Control-Allow-Origin header when making XHR requests back to the same server (re: the title of the question). Yes, I know the problem is solved and the problem was the URL. He should still remove the headers though as they are not needed. – Erlend Jul 04 '13 at 13:51
  • @Erlend: ok, tell that to user as it might be relevant for him. In any case your interpretation of the question is wrong as user is not "...trying to figure out how to get Access-Control-Allow-Origin" as you say but trying to fix the error caused by a harcoded localhost reference. – Claudio Redi Jul 04 '13 at 14:24
  • @ClaudioRedi: Yes, I know I misunderstood the question. But your answer still lacks telling him to remove the unneeded headers. Please think beyound this answer. Think about people ending up at this question from a google search, and then becoming confused. If I misunderstood the question, there is a chance someone else will. Especially given the title. – Erlend Jul 04 '13 at 19:33