Ajax Cross-domain Php proxy 403 error

Question

I'm trying to consume a third party Api using javascript and a PHP proxy as seen in this Tread, i'm able to use the proxy but the response I get, is always:

Failed to load resource: the server responded with a status of 403 (Forbidden) http://MYDOMAIN.co/php/ba-simple-proxy.php?url=http://jsonplaceholder.typicode.com/posts&_=1471620448707

my javascript code is:

function getLocationSimple(){
var proxy = 'php/ba-simple-proxy.php',
    url = proxy + '?url=' + 'http://jsonplaceholder.typicode.com/posts';
    console.log(url);
// Make JSON request.
  $.getJSON( url, function(data){

    console.log(data);
  });
}

I thought it was about permissions on the third party server, so i decided to change it to an open one - http://jsonplaceholder.typicode.com/posts -, but i still get the same error, it might be permissions in my own server? -my host is hostgator-

http 403 error can be due to many reason, you can see more [here](https://en.wikipedia.org/wiki/HTTP_403). The problem is not in your `getLocationSimple` script but probably what's inside `php/ba-simple-proxy.php` . — The_ehT, Aug 19 '16 at 16:03

score 1 · Answer 1 · answered Aug 19 '16 at 15:41

1

Let's try once this piece of code

function getLocationSimple(){
            $.ajax({
                type: 'POST',
                dataType: 'jsonp',
                url: "http://jsonplaceholder.typicode.com/posts"
            })  .done(function( data ) {
                console.log( data);
              });
        }

this happens due to Cross-Domain Policy. Cross site access is not available in the api side . So we can use dataType: 'jsonp' to overcome this issue

answered Aug 19 '16 at 15:41

Achyut Kr Deka

739
1
8
18

works great for the example I chose!, however i've encountered a new error when using this with my real-life provider - > Refused to execute script from htttp://XXXXX because its MIME type ('application/json') is not executable, and strict MIME type checking is enabled. is there a way around that? – Carlos Valencia Aug 19 '16 at 16:16
http://stackoverflow.com/questions/24528211/refused-to-execute-script-from-because-its-mime-type-application-json-is – Achyut Kr Deka Aug 19 '16 at 16:35

score 0 · Answer 2 · answered Aug 19 '16 at 15:36

0

This has something to do with the Cross-Domain Policy. You can't do ajax requests to another domain due to security reasons, because a malicous attack could also involve to do a request via ajax to load additional script to hack you.

Even though Wikipedia might not be the best link to provide, it'll give you an idea.

https://en.wikipedia.org/wiki/Same-origin_policy

answered Aug 19 '16 at 15:36

thanks! i'm aware of this, that's why i'm trying to use a server-side connection, hence the PHP proxy, cheers! – Carlos Valencia Aug 19 '16 at 16:14

Ajax Cross-domain Php proxy 403 error

2 Answers2