0

I'm trying to send a crossdomain request, but the responce is:

jquery-1.12.2.min.js:4 OPTIONS http://127.0.0.1:8080/ygo/v1/owner/new send @ jquery-1.12.2.min.js:4n.extend.ajax @ jquery-1.12.2.min.js:4LoginViewModel.self.actionLogin @ app.js:17(anonymous function) @ knockout.js:98n.event.dispatch @ jquery-1.12.2.min.js:3r.handle @ jquery-1.12.2.min.js:3
index.html:1 XMLHttpRequest cannot load http://127.0.0.1:8080/ygo/v1/owner/new. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:1010' is therefore not allowed access. The response had HTTP status code 405.
app.js:34 {"login":"admin","password":"admin","autologin":"true"}

Here is my script (Knockout):

function Login(data) {
    this.login = ko.observable(data.login);
    this.password = ko.observable(data.password);
    this.autologin = ko.observable(data.autologin);
}

function LoginViewModel() {
    var self = this;
    self.login = ko.observable("admin");
    self.password = ko.observable("admin");
    self.autologin = ko.observable("true");

    self.actionLogin = function() {
        $.ajax({
            type: "post",
            url: "http://127.0.0.1:8080/ygo/v1/owner/new",
            data: ko.toJSON({ login: self.login, password: self.password, autologin: self.autologin }),
            dataType: "json",
            crossDomain: true,
            async: true,
            contentType: "application/json",
            success: function(result) {
                console.log(result)
            },
            error: function(result) {
                console.log(ko.toJSON({ login: self.login, password: self.password, autologin: self.autologin }))
            }

        });
    };

}

ko.applyBindings(new LoginViewModel());

I'm using the Python Bottle as a sample local stubs API. This is the example code:

@route('/ygo/v1/owner/new', method='POST')
def index():
    response.content_type = 'application/json'
    response.headers['Access-Control-Allow-Origin'] = '*'
    login = request.json['login']
    password=request.json['password']
    autologin=request.json['autologin']
    if login=="admin" and password=="admin":
        rs={"Success":True, "info":[]}
    else:
        rs={"Success":False, "info":[{"error":True, "message":"User/Password is incorrect.", "code":10}]}
    return dumps(rs)

You see that the “Allow Origin” is set to "*" in stubs. As I understand the solution is that I should send the «Access-Control-Allow-Origin» value in OPTIONS in my POST request, but I don't know how to do it correctly.

robuh
  • 61
  • 1
  • 9
  • You don't need to put the `Access-Control-Allow-XXX` headers in the request, although I can't tell you why it's not being recognised in your Python code. – Rory McCrossan Apr 15 '16 at 13:01
  • You deal with an OPTIONS request in the same way that you deal with a POST request except you write "OPTIONS" where you have written "POST". – Quentin Apr 15 '16 at 13:09
  • You absolutely right, removed Access-Control-Allow-Origin and Access-Control-Allow-Methods from my reqiest. Maybe I don't need the header options in request? As I know the «crossDomain: true» parameter enables the crossdomain requests, but it doesn't work. – robuh Apr 15 '16 at 13:22

0 Answers0