-2

I created a small js containing a code to track and save through an ajax call the coordinates of the click on a web page. In a website (domain2) is entered in the head

<script src="http://www.domain1.com/scan/track/mousehandle.js"></script>

that contain code like this:

$('*').on('click', function (e) {
// make sure the event isn't bubbling
if (e.target != this) {
    return;
}
$.ajax({
    type: "POST",
    url: "http://www.domain1.com/scan/track/php/ajaxcall.php",
    data: { x: e.pageX, y: e.pageY }
})
.done(function( msg ) {
    alert( "Data Saved: " + msg );
});

}

But when i click on the domain2 webpage, return this:

XMLHttpRequest cannot load http://www.domain1.com/scan/track/php/ajaxcall.php. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://www.domain2.com' is therefore not allowed access.

How can i save click coordinates trapped by my javascript positioned on another domain??

Thanks in advance

AleMal
  • 1,977
  • 6
  • 24
  • 49
  • The location of the JavaScript has nothing to do with anything. The only things that matter are the domain of the host page and the target domain. If you control both domains, you can set up [CORS headers as needed.](https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS) – Pointy Aug 19 '14 at 12:40
  • 1
    You need to enable CORS on the receiving server, or use a JSONP request. – Rory McCrossan Aug 19 '14 at 12:40
  • Cross Domain - See [Same Origin Policy](https://developer.mozilla.org/en-US/docs/Web/Security/Same-origin_policy). – epascarello Aug 19 '14 at 12:41
  • but if i can control only domain1? – AleMal Aug 19 '14 at 12:42

1 Answers1

1

You will need to enable CORS. Please check link to enable in php scripts.

http://enable-cors.org/server_php.html

Yalamber
  • 7,360
  • 15
  • 63
  • 89
  • thanks but if i don't have any kind of control on domain2 how can i enable CORS and save ajax call parameters on my db? – AleMal Aug 19 '14 at 12:52
  • In that case, You can proxy that request through your server. In your script you can use curl to perform exact request to other domain and add that script link in your ajax url – Yalamber Aug 19 '14 at 12:59