2

i keep getting cross origin issue when i do an ajax post from my localhost to my server :

OPTIONS http://domain:port/fileuploader/fileupload No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost' is therefore not allowed access. plupload.full.min.js:14
XMLHttpRequest cannot load http://domain:port/fileuploader/fileupload. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost' is therefore not allowed access.

am using apache so i added this to allow everything but still its now working : 

 Header add Access-Control-Allow-Origin *
 Header add Access-Control-Allow-Headers "SOAPAction, Authorization, username, password, origin, X-Requested-With, Content-Type, XMLHttpRequest"
 Header add Access-Control-Allow-Methods "POST, GET, PUT, DELETE, OPTIONS"
 Header add Access-Control-Allow-Credentials: "true"

the response header from my browser is :

Request URL:http://domain:port/fileuploader/fileupload
Request Method:OPTIONS
Status Code:200 OK
Request Headersview source
Accept:*/*
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8,ar;q=0.6
Access-Control-Request-Headers:content-type
Access-Control-Request-Method:POST
Cache-Control:no-cache
Connection:keep-alive
Host:domain:port
Origin:http://localhost
Pragma:no-cache
Referer:http://localhost/omnixuploader/index.html?dDocName=test8818&dDocTitle=test8818&dDocType=SiebelAttachment&dDocAuthor=SADMIN&lan=ara&files=test|jpg:png:txt|220,wwow|pdf:txt:zip|222&rand=19
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/31.0.1650.63 Safari/537.36
Response Headersview source
Allow:GET, HEAD, POST, TRACE, OPTIONS
Content-Length:0
Date:Thu, 09 Jan 2014 14:39:45 GMT
X-ORACLE-DMS-ECID:a3121f70a766128a:-422d6665:14370f7c3a3:-8000-000000000000057a
X-Powered-By:Servlet/2.5 JSP/2.1

I dont understand why its not working ? any hints ?

Pavel S.
  • 11,892
  • 18
  • 75
  • 113
Hasan Al-Natour
  • 1,936
  • 2
  • 14
  • 22

2 Answers2

1

You appear to be configuring http://localhost to give permission to other sites to tell browsers to make requests to it.

You need to tell http://domain:port/ to do that.

X-Powered-By:Servlet/2.5 JSP/2.1 suggests that you may be using Apache Tomcat. How to configure that server is described in answers to this question.

Community
  • 1
  • 1
Quentin
  • 914,110
  • 126
  • 1,211
  • 1,335
  • am trying to do a post from localhost to my domain so the configuration above is done on the domain Apache httpd.conf , and the domain has (Header add Access-Control-Allow-Origin * ) – Hasan Al-Natour Jan 09 '14 at 14:54
  • Then it looks like you are configuring the server that runs on port 80 and not the one that runs on the port number you have replaced with `:port` in your example. – Quentin Jan 09 '14 at 14:56
  • the post am posting to is 7001 , what should i do ? – Hasan Al-Natour Jan 09 '14 at 14:59
  • 1
    Configure the server running on port 7001, not the one running on port 80. – Quentin Jan 09 '14 at 15:13
0

Try setting the header first and then add the others:

Header set Access-Control-Allow-Origin *

Header add Access-Control-Allow-Headers "SOAPAction, Authorization, username, password, origin, X-Requested-With, Content-Type, XMLHttpRequest"

Header add Access-Control-Allow-Methods "POST, GET, PUT, DELETE, OPTIONS"

Header add Access-Control-Allow-Credentials: "true"
Cthulhu
  • 5,095
  • 7
  • 46
  • 58
Promit Neogy
  • 19
  • 4