1

I am trying to integrate atoms payment gateway in my MVC project. I have been getting this nasty error even after enabling CORS. So I thought perhaps it is the return url that is causing the issue. So I wrote a simple redirect to find out real cause return Redirect("https://google.com"); but i am still getting same error. What am I doing wrong?

  public ActionResult TransferFund()
     {    
        return Redirect("https://google.com");
     }

Failed to load https://google.com/: Response to preflight request doesn't pass 
access control check: No 'Access-Control-Allow-Origin' header is present on the requested 
resource. Origin 'http://localhost:25850' is therefore not allowed 
access. The response had HTTP status code 405.

I have followed This to redirect

EDIT

<script type="text/javascript">
    $(document).ready(function () {


            $('#btnatom').on('click', function () {
                $.ajax({
                    type: 'POST',
                    url: "/AtomPayment/TransferFund",
                    data: {},
                    dataType: "text",
                    success: function (resultData) { alert("Save Complete") }
                });
            });
        });


    </script>
    [HttpPost]
    public ActionResult TransferFund()
    {

        return new RedirectResult("http://google.com");
        string strURL, strClientCode, strClientCodeEncoded;
        ....
    }
Peter B
  • 22,460
  • 5
  • 32
  • 69
SamuraiJack
  • 5,131
  • 15
  • 89
  • 195
  • 1
    Possible duplicate of [Redirect to external URI from ASP.NET MVC controller](https://stackoverflow.com/questions/1549324/redirect-to-external-uri-from-asp-net-mvc-controller) – kgbph Aug 07 '18 at 09:52
  • @kgbph how is that duplicate ? I have literally written the same line of code and I am getting this error. – SamuraiJack Aug 07 '18 at 09:55
  • I can assume that you use POST(ajax from js), not GET that is why it could be a cross-domain request. – Yara Aug 07 '18 at 10:01
  • This is a duplicate question. Maybe the accepted answer didn't work for you. I'll try to help you out. – kgbph Aug 07 '18 at 10:01
  • @Yara what difference does it make? If I make POST request to my MVC controller action method and from that action method I redirect to external URL. Why is that a problem? – SamuraiJack Aug 07 '18 at 10:03
  • @Arbaaz are you trying to make a POST request to `https://google.com`? – kgbph Aug 07 '18 at 10:04
  • NO. `return Redirect("https://google.com");` – SamuraiJack Aug 07 '18 at 10:05
  • `return new RedirectResult("http://google.com");` – kgbph Aug 07 '18 at 10:09
  • Could you please paste code where you execute 'TransferFund' action? And 405 status code returns when you run POST and try to make redirect. – Yara Aug 07 '18 at 10:13
  • 1
    @Yara TransferFund is a POST method which I am calling through Jquery ajax method. I have just found out that `return Redirect("https://google.com");` from from within a get action method but does not works from inside action method which is a post method. I am trying to make a GET request from an POST action method – SamuraiJack Aug 07 '18 at 10:18
  • @Arbaaz yep, that is a problem, described in my above comment. – Yara Aug 07 '18 at 10:30
  • See my edit.. So are you saying it is not possible to redirect to a url from within a POST action method? – SamuraiJack Aug 07 '18 at 10:31
  • @Arbaaz, absolutely. – Yara Aug 07 '18 at 10:32
  • @Yara Ok I have changed method type to `type: 'GET'` in ajax and removed post attribute from action method TransferFund. I am still getting same error :( – SamuraiJack Aug 07 '18 at 10:35
  • You should not return 'Redirect'(302 code) in the controller. Try to return some code or plain text, for example, 'Ok' and do redirect inside jq 'success' block. – Yara Aug 07 '18 at 10:39
  • The **cause** is: you are doing a redirect to an external domain from inside the handler of an Ajax call. The **question** is: WHY you are doing a redirect to an external domain from inside the handler of an Ajax call? CORS prevents that, *unless you configure it correctly* both *in the script that makes the call* and ALSO *on the receiving(!) external domain*. – Peter B Aug 07 '18 at 10:46

3 Answers3

2

You could not make redirect in 'TransferFund' method, becuase of 'POST' method. Do it from jquery. Here corrected code:

<script type="text/javascript">
    $(document).ready(function () {


            $('#btnatom').on('click', function () {
                $.ajax({
                    type: 'POST',
                    url: "/AtomPayment/TransferFund",
                    data: {},
                    dataType: "text",
                    success: function (resultData) { 
                        if(resultData == "Ok"){
                            alert("Save Complete");
                            window.location = "https://google.com/"
                        }
                    }
                });
            });
        });
</script>

[HttpPost]
public ActionResult TransferFund()
{
    //do some transfer work
    return Content("Ok");
}
Yara
  • 4,441
  • 6
  • 42
  • 62
2

let's drill down into the error:

Failed to load https://google.com/: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:25850' is therefore not allowed access. The response had HTTP status code 405.

you are hitting a Cross Domain request issue.

Google is denying you, for security reasons from reaching it's server. It doesn't matter if you issue POST or GET request, google doesn't recognize your domain and blocks your cross-domain request.

If you use jquery it will work, yes, because you make a request from client-to-client using the window.location property of java script.

if you want to RedirectResult from your controller code, you need to use address at your local domain that will accept the request and won't deny it.

you can read more here about Error 405.

what it means, is:

The administrator can configure each web server so that the individual methods are either allowed or not allowed. For example, if there’s no interactive content on the website, it’s only logical that the POST method isn’t allowed, since the user has no options to enter their own data and send it to the server. Otherwise, the error message mentioned above with the status code 405 would appear, informing the browser and its user that the method is not allowed.

Barr J
  • 10,636
  • 1
  • 28
  • 46
0

Just Incase anyone needs:

First redirect your other "http://example.com" to another controller ("RedirectController") without httpMethod

[HttpPost]
public IActionResult TransferFund(){
   Return Redirect("redirect?url=http://example.com");
}

Now in:

RedirectController.cs

RedirectController(){
  public IActionResult Indext(){
     var url = Request.Query["url"];
     Return Redirect(url);
  }
}

or we can redirect to current controller btw

sambath999
  • 153
  • 1
  • 7