Access-Control-Allow-Origin not sending from PHP

Question

Good day everybody!

Examined a lot of questions here with a similar problems but they quite different and nothing works. There is problem with third-party resource that author of question not controlling, in my case I am forcibly send header from server but receive nothing: No 'Access-Control-Allow-Origin' header is present on the requested resource error

I have a problem with CORS requests. Here is my JS (using jQuery):

$.ajax({
    type: "POST",
    url: "http://domain.com/module/api/storeData.php",
    data: 'data='+results,
    dataType: "html",
    async: false,
    crossDomain: true,
    success: function(msg){

        if(msg=="Ok")
        {
            $("#resultsPane").append ("Results successfully sent.");
        } else {
            $("#resultsPane").append (msg);
        }

    },
    error: function (xhr, status, errorT)
    {
       $("#resultsPane").append ("AJAX error: "+status+": "+errorT);
    }
});

Very begining of PHP:

<?php
    header ("Access-Control-Allow-Origin", "*");

But result is (in console):

jquery.js:10254 XMLHttpRequest cannot load http://domain.com/module/api/storeData.php. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:63342' is therefore not allowed access.

Response headers:

Connection:Keep-Alive
Content-Length:2
Content-Type:text/html
Date:Thu, 13 Oct 2016 13:19:23 GMT
Keep-Alive:timeout=5, max=100
Server:Apache/2.4.7 (Ubuntu)
X-Powered-By:PHP/5.5.9-1ubuntu4.17

AJAX errors in browser:

AJAX error: error: NetworkError: Failed to execute 'send' on 'XMLHttpRequest': Failed to load 'http://domain.com/module/api/storeData.php'.

Does someone know what could going wrong? Thank you in advance!

`header ("Access-Control-Allow-Origin: *");` Note you should consider specifying specific hosts to allow. — Jonnix, Oct 13 '16 at 13:36
Possible duplicate of [No 'Access-Control-Allow-Origin' header is present on the requested resource error](http://stackoverflow.com/questions/28547288/no-access-control-allow-origin-header-is-present-on-the-requested-resource-err) — Clement Amarnath, Oct 13 '16 at 13:39
Jon Stirling, Thank a lot! Really, my miss. Could you please post it as answer to make me able accept it? Thank you! — Serj.by, Oct 13 '16 at 13:53

score 1 · Accepted Answer · answered Oct 13 '16 at 19:59

1

Unlike various other functions and methods out in the wild where you expect to set items as key, value as separate parameters, header does not. Instead it expects that the entire string of the header line you want to set is the first param.

I.e.

header ("Access-Control-Allow-Origin: *");

Please do note you should consider specifying specific hosts to allow strictly, rather than allowing any access for security reasons.

answered Oct 13 '16 at 19:59

Jonnix

4,121
1
30
31

Okay. I really would like to know what the downvote is due to. If there is something wrong, please tell me so I can fix it. Thanks. – Jonnix Oct 13 '16 at 20:33

Access-Control-Allow-Origin not sending from PHP

1 Answers1