0

In my Outlook addin I have AJAX request with JQuery. Since few days the request is blocked with the following error :

Access to XMLHttpRequest at 'https://wordpress.com/woocommerce-api' from origin 'https://mywebsite.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

CORS Policy seems ok server side. If i request the ressource with another client i have this response :

other client, no issue

But when i request from Outlook client (web) i have this reponse :

outlook client issue

So the issue probably come from my AJAX request. Check my code :

$.ajax({
        url: "https://mywebsite.com/woocommerce/?wc-api=software-api&request=check&email=" + mailInput.val() + "&license_key=" + keyInput.val() + "&product_id=SMS+Outlook",
        method: "GET",
        xhrFields: {
            withCredentials: true
        },
        crossDomain: true,
        dataType: 'application/json'

    })

I really don't understand why this issue appear only in Outlook side.

ebillis
  • 224
  • 1
  • 4
  • 19
  • The error means that you need to add CORS headers to the response from the `https://mywebsite.com` domain. If you do not have access to this you cannot make a call directly to it from client-side JS. If this used to work, but no longer does it's likely because they have tightened up their security. – Rory McCrossan Aug 13 '19 at 15:44
  • Hi, thank's for you reponse. As you can see in the first screen (reponse from https://mywebsite.com, with other client) headers seems to be perfectly sent, isn't it ? – ebillis Aug 13 '19 at 15:48
  • 1
    Yes, it's sent absolutely fine, but that's not the problem. The problems is that if there is no CORS headers in the response the browser will block you from accessing it. See the duplicate to understand more about the problem and how to fix it, if you have access to the server you're calling – Rory McCrossan Aug 13 '19 at 15:51
  • I red the duplicate, and according to it, to make CORS headers in response on a PHP Server (In my case Wordpress) i must add to my functions.php: `header( 'Access-Control-Allow-Origin: *' );` I did it, still the same issue. – ebillis Aug 13 '19 at 16:17
  • If you're still seeing the same issue then the headers have not been placed in the correct location of your code. I'd suggest you open a new question about how to add the CORS headers, as this question is about JS and it's not a JS issue. – Rory McCrossan Aug 13 '19 at 16:19
  • Right, thank's for your time @RoryMcCrossan – ebillis Aug 13 '19 at 16:23

0 Answers0