2

I have a UI which is built with JS/KnockOut. The UI (Site A) has form and onclick functions. I send the data to my Mock API (running on Site B).

But, I get this error due to Cross Origin as both these are on different sites.

I binged/yahooed/googled all the sites and one thing they mentioned was to set the header Access-Control-Allow-Origin.

  1. Can you please help with a code snippet on how to do this?
  2. Should I be adding this header on Site A or Site B?

I tried the following in Site A:

var req = new XMLHttpRequest();
var url = 'http://siteB';
req.open('POST',url,true);
req.setRequestHeader('Access-Control-Allow-Origin','*');
req.setRequestHeader('Access-Control-Allow-Headers','*');

...
$.post('http://siteB/FormUpload', data, function(r)
{
    if (r)
        {redirectSuccess();}
    else 
        {viewModel.uploadError(true);}
}

Am I missing something?

Thanks!

Update I tried to follow links which @brianlmerritt pointed below and I have the same thing... but still see this issue. Do we need to send the headers before my Post or does it have to be same request?

khar
  • 201
  • 4
  • 12
  • Possible duplicate of [How to get a cross-origin resource sharing (CORS) post request working](http://stackoverflow.com/questions/5750696/how-to-get-a-cross-origin-resource-sharing-cors-post-request-working) – brianlmerritt Apr 26 '16 at 05:48
  • You need to have access to siteB, and enable CORS. There is a lot of information about this on StackOverflow, but it depends upon A) whether you really have access to the remove server and B) what the server is (Apache, Nginx etc) - ps this question has been asked many times on StackOverflow – brianlmerritt Apr 26 '16 at 05:50
  • I tried to follow links which @brianlmerritt pointed below and I have the same thing... but still see this issue. Do we need to send the headers before my Post or does it have to be same request? – khar Apr 26 '16 at 06:49
  • Headers need to be set by the server, not the client – brianlmerritt Apr 26 '16 at 08:03

0 Answers0