2

I am new to the Rest API. I am trying to call cross domain rest API from my application. Here is my code -

 $.ajax({
            type: "GET",
            async: false,
            url: 'http://xx.xxx.xxx.xx:9003/GetProjectList',
            contentType: "application/json",
            dataType: "json",
            traditional: true,
            CrossDomain: true,
            data: {
                StartDate: '2016-12-20',
                EndDate: '2017-01-10'
            },
            success: function (data) {
                alert("Success");
                alert(data);

            },

            error: function (xhr, textStatus, errorThrown) {
                alert("Failed");
                alert(xhr);
                alert(textStatus);
                alert(errorThrown);

            }
        });

But i am getting the error as 

OPTIONS http://xx.xxx.xxx.xx:9003/GetProjectList?StartDate=2016-12-20&EndDate=2017-01-10 405 (Method Not Allowed)

XMLHttpRequest cannot load http://xx.xxx.xxx.xx:9003/GetProjectList?StartDate=2016-12-20&EndDate=2017-01-10. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:64207' is therefore not allowed access. The response had HTTP status code 405.

Am i missing anything here? any code or configuration?

If i hit that URL directly from browser or Postman, its working fine. But its not working from the application.

omkar patade
  • 1,442
  • 9
  • 34
  • 66
  • This is basic CORS error. You should set required CORS headers in the response headers. There are tons of SO answers available for this. And by the way, is your service web-api or wcf-rest? You shouldn't be adding both tags together – Developer Jan 12 '17 at 12:40
  • You only need to allow CORS. knowing that, it doesn't always work! – Ramy M. Mousa Jan 12 '17 at 18:12
  • Why are you setting a Content-Type on a GET request? – Quentin Jan 15 '17 at 15:33

2 Answers2

3

The problem is about CORS(Cross-Origin Requests). You have to enable CORS for solve the problem.

Download with Nuget Package

Install-Package Microsoft.AspNet.WebApi.Cors

You should add some code in WebApiConfig.cs 

var corsAttr = new EnableCorsAttribute("*", "*", "*");
config.EnableCors(corsAttr);

More Information you should take a look: https://www.asp.net/web-api/overview/security/enabling-cross-origin-requests-in-web-api

MesutAtasoy
  • 772
  • 2
  • 13
  • 24
0

I think the problem is a CORS problem (sometimes 405 also mean you're calling your API with wrong HTTP Verbs) .. but reading your exception it looks like a CORS problem .. try this:

using Goocity.API;
using Microsoft.Owin;
using Microsoft.Owin.Cors;
using Owin;

[assembly: OwinStartup("API", typeof(Goocity.API.Startup))]

    namespace Goocity.API
    {
        public partial class Startup
        {
            public void Configuration(IAppBuilder app)
            {
                #region TO UNCOMMENT WHEN IS IN PRODUCTION
                //var corsPolicy = new CorsPolicy
                //{
                //    AllowAnyMethod = true,
                //    AllowAnyHeader = true,
                //    SupportsCredentials = true,
                //    Origins = { "http://www.yoursite.it" }
                //};

                //app.UseCors(new CorsOptions
                //{
                //    PolicyProvider = new CorsPolicyProvider
                //    {
                //        PolicyResolver = context => Task.FromResult(corsPolicy)
                //    }
                //});
                #endregion TO UNCOMMENT WHEN IS IN PRODUCTION

                app.UseCors(CorsOptions.AllowAll);
                ConfigureAuth(app);

            }
        }
    }

Try to put this in your startUp file and install the Microsoft.Owin.Cors nuget package

federico scamuzzi
  • 3,708
  • 1
  • 17
  • 24