0

I have the following code, which uses AJAX to load XML from a URL, but using that code alone results in this error: "XMLHttpRequest cannot load. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost' is therefore not allowed access."

...Ideas, please?

Teli
  • 57
  • 6
  • 5
    The headers have to be set at the source server. If you don't control that, then your only choice is to use a proxy of your own (like what you've done). You can pass the parameter through yourself and construct the URL dynamically in the proxy code. – Pointy Jan 04 '16 at 15:22
  • Yeah it's called a cross-domain request, and it's forbidden by browsers, for security reasons. The script would work if you ran it from the same domain (thegamesdb.net) but you run it from your localHost There are a few methods to bypass it (in a limited way), like JSONP... – Jeremy Thille Jan 04 '16 at 15:22
  • Possible duplicate of [how to bypass Access-Control-Allow-Origin?](http://stackoverflow.com/questions/7564832/how-to-bypass-access-control-allow-origin) – Stubborn Jan 04 '16 at 15:24
  • `echo file_get_contents("http://thegamesdb.net/api/GetGamesList.php?name=".$nameFromClient)` – mplungjan Jan 04 '16 at 15:25
  • @mplungjan You are saying to put that in the phpscript.php ? How would it know what .$nameFromClient is? It would be passed from the AJAX somehow? I've never communicated between AJAX and PHP before. – Teli Jan 04 '16 at 15:40

1 Answers1

1

Try the following

  1. Change the ajax to $.ajax({ url: "/php/phpscript.php",

  2. Change the PHP to echo file_get_contents("http://thegamesdb.net/api/GetGamesList.php?name=".$_GET["term"]);

You likely want to sanitize the $_GET["term"]

If the

mplungjan
  • 169,008
  • 28
  • 173
  • 236