0

I'm attempting to create an HTML-file that acts as a direct link to a cached site made by proxysite. Is there any way I can send a form containing a URL, without having the user fill in any field?

Sending it via ajax like so:

var params = {
    "d" : "http://www.web.site/"
};

$.ajax({
    url: "https://eu1.proxysite.com/includes/process.php?action=update",
    type: "POST",
    data: params
});

Seems to be purposefully blocked, as it returns this error message:

No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access.

EDIT: I realize why the above won't work. Since I don't have access to the previously mentioned website, I am looking for a possible workaround.

Ridir
  • 23
  • 6
  • Possible duplicate of [How does Access-Control-Allow-Origin header work?](http://stackoverflow.com/questions/10636611/how-does-access-control-allow-origin-header-work) – Marcin Sep 26 '16 at 19:07
  • You can have an HTML form with the `action` attribute set to an external website, and the user will be taken to that site when they submit the form. But due to cross-origin security rules, you can't call an external website with Ajax. Depending on your needs, you may be able to get around this using a CORS proxy such as https://crossorigin.me/ – Hayden Schiff Sep 26 '16 at 19:07
  • You can put the values into the `
    ` inputs and then call `form.submit()` to submit the form, just as if the user had done it.
     – Barmar Sep 26 '16 at 19:14
  • Crossorigin.me won't work, as it only supports GET-requests. I don't really know how I am supposed to call form.submit(), seeing as I can't access any elements of the website where the form resides. – Ridir Sep 26 '16 at 19:32

1 Answers1

0

The reason you are receiving the "No Access-Control-Allow-Origin" header is because the receiving server needs to provide CORS headers. If you have access to the proxysite you will need to set the following headers to allow your request to go through 

 <?php
 header("Access-Control-Allow-Origin: *");

Where the asterisk is the domain you want to allow. If you leave the asterisk in the the server will accept all requests from any local scripts on any domain.

Regarding sending the form without having the user input any fields-- Yes, it's possible to send data without user input. The way you are doing it is the correct way to send data via the jQuery Ajax method.

Dondrey Taylor
  • 290
  • 3
  • 10
  • Thank you for your answer, but the whole issue is that I don't have access to the proxysite. I'm looking for a possible workaround. – Ridir Sep 26 '16 at 19:35
  • @Ridir Ah okay, I see what you're saying. Try setting the "dataType" property within your $.ajax function to "jsonp". By setting the dataType to jsonp (json with padding) the browser will carry out the request to the URL as though it were a javascript file. This would circumvent the No origin policy. So for example your $.ajax function would look something like $.ajax({url:"", type:"", "dataType":"jsonp", params: []}) – Dondrey Taylor Sep 26 '16 at 19:42