1

I'm having a lot of trouble with an API. I've tried many things which I list below. This is my code:

var form = new FormData();
form.append("relativeSource", " Mindful-Life.xhtml"); //space?
form.append("arguments", "-sp IXBRL,XBRL,Dimension,Formula -X");
form.append("input", " Mindful-Life.zip"); //space?

var settings = {
  async: true,
  crossDomain: true,
  url: "https://validation.cipc.co.za/bushchat-api/ws1000/ws1001",
  method: "POST",

  headers: {
    "cache-control": "no-cache",
    "postman-token": "1c3276ea-a939-7b3a-ee71-b6cfd2d3b1f7"
  },
  processData: false,
  contentType: false,

  mimeType: "multipart/form-data",
  data: form,
  error: error => {
    console.log(JSON.stringify(error));
  }
};

$.ajax(settings).done(function(response) {
  console.log(response);
});

If I run this I get the following error:

Access to XMLHttpRequest at 'https://validation.cipc.co.za/bushchat-api/ws1000/ws1001' from origin 'null' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

So I tried using code from the CORS tutorial site and the following code is what I used:

function createCORSRequest(method, url) {
  var xhr = new XMLHttpRequest();
  if ("withCredentials" in xhr) {
    xhr.open(method, url, true);
  } else if (typeof XDomainRequest != "undefined") {
requests.
    xhr = new XDomainRequest();
    xhr.open(method, url);
  } else {
    xhr = null;
  }
  return xhr;
}
var url = "https://validation.cipc.co.za/bushchat-api/ws1000/ws1001";
var xhr = createCORSRequest(
  "POST",
  "https://validation.cipc.co.za/bushchat-api/ws1000/ws1001"
);

if (!xhr) {
  throw new Error("CORS not supported");
}

xhr.onload = function() {
  var text = xhr.responseText;
  var title = getTitle(text);
  alert("Response from CORS request to " + url + ": " + title);
};

xhr.onerror = function() {
  alert("Woops, there was an error making the request.");
};

var form = new FormData();
form.append("relativeSource", " Mindful-Life.xhtml"); 
form.append("arguments", "-sp IXBRL,XBRL,Dimension,Formula -X");
form.append("input", " Mindful-Life.zip"); 

xhr.setRequestHeader("cache-control", "no-cache");
xhr.setRequestHeader("postman-token", "1c3276ea-a939-7b3a-ee71-b6cfd2d3b1f7");
xhr.send(form);

And all this to comply with CORS policy but the exact same error appeared.

So I hosted this javascript with a little html to an https host, then the error becomes instead of origin "null" the error becomes origin "https://..." but the same error.

What can I possibly be missing?

Rory McCrossan
  • 331,213
  • 40
  • 305
  • 339
Simon
  • 21
  • 4
  • Your client-side code was fine (at least in regards to your immediate problem) (the rewritten stuff to use stuff specific to very old versions of Internet Explorer is pointless). You need to change the server so it gives you permission to make the request., – Quentin Apr 11 '19 at 14:04
  • `async: true` is pointless, that's the default. – Quentin Apr 11 '19 at 14:04
  • `crossDomain: true` is pointless unless you are making a same-origin request that follows an HTTP redirect to a different origin. – Quentin Apr 11 '19 at 14:05
  • `mimeType: "multipart/form-data",` contradicts `contentType: false,` and is missing the mandatory boundry paramater. At best it will do nothing. At worst it will create a different problem after you have dealt with the CORS issue. Remove it. – Quentin Apr 11 '19 at 14:05
  • @Dimitri — Yes, the API is just badly designed and is returning a 404 when it should return a 405. – Quentin Apr 11 '19 at 14:08

0 Answers0