-1

I am trying to make a post request towards my server but I can't create. Request which I have to create is -

 POST /buy/new/product HTTP/1.1
 Host: foo.com
 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:64.0) 
 Gecko/20100101 Firefox/64.0
 Accept: application/json;api-version=3.2- 
 preview.1;excludeUrls=true;enumsAsNumbers=true
 ;msDateFormat=true;noArrayWrap=true
 Accept-Language: en-US,en;q=0.5
 Accept-Encoding: gzip, deflate
 Referer: https://foo2.com/buy/
 content-type: application/json
 origin: https://foo.com
 Content-Length: 76
 Connection: close
 Cookie: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

 {"buyId":"3232323-32-3-23-23232-3","force":false,"token":11111111111}

But Request which I am making from my code is - 

 OPTIONS /buy/new/product HTTP/1.1
 Host: foo.com
 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:64.0) 
 Gecko/20100101 Firefox/64.0
 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
 Accept-Language: en-US,en;q=0.5
 Accept-Encoding: gzip, deflate 
 Access-Control-Request-Method: POST
 Access-Control-Request-Headers: content-type
 Referer: http://foo.com/
 Origin: http://foo.com
 Connection: close

The code which I have used - 

 <html>
 <body>
 <center>
 <h2>Buy Now</h2>

 <div id="demo">
 <button type="button" onclick="buy()">Buy Now</button>
 </div>

 <script>
 function buy() {
 var xhttp = new XMLHttpRequest();
 xhttp.onreadystatechange = function() {
 if (this.readyState == 4 && this.status == 200) {
 document.getElementById("demo").innerHTML = alert(this.responseText);
 }
 };
 xhttp.open("POST", "https://foo.com//buy/new/product", true);
 xhttp.withCredentials = true;
 xhttp.setRequestHeader("Content-Type","application/json;api-version=3.2- 
 preview.1");
 xhttp.send(JSON.stringify('{"buyId":"3232323-32-3-23-23232- 
 3","force":false,"token":11111111111}')); 
 }
 </script>

 </body>
 </html>

Please help me to solve this problem. When click button buy it and look at the developer tools I get the Option request. I also want to send data {"buyId":"3232323-32-3-23-23232-3","force":false,"token":11111111111} but I can't send this towards my server. Thanks

Dhananjay
  • 11
  • 4
  • 1
    You cannot make requests to other servers unless they allow it. Is the above script hosted on "foo.com"? Or your own server? An OPTIONS request is a pre-flight request that checks if sending the actual request will fail anyway. –  Jan 24 '19 at 07:29
  • Also, why are you `JSON.stringify`ing a string? – phuzi Jan 24 '19 at 10:19

1 Answers1

0

It is happening because the browser as a security blocks a request if it is from two different URLs for example www.abc.com to www.xyz.com. YOu can fix this issue by configuring CORS at your back end server where you are requesting or to test you can use CORS plugins in browsers that will solve the issue. For example in chrome you can use the plugin below to disable CORS https://chrome.google.com/webstore/detail/allow-control-allow-origi/nlfbmbojpeacfghkpbjhddihlkkiljbi?hl=en

arj_anna hijam
  • 1
  • 1