Can I make a POST request to a URL as if the one who is making the request is its original site?
Let me explain the situation.
I`m making a API with a government WebService, that service receives some data, and returns a number of protocol, which I then insert it manually if a field to print a pdf file.
After some search through the site I found that the site sends a POST request to a URL, and then return number of protocol which is used to compose a URL to be inserted into a <iframe>.
Although, if I try to make that POST request within my server it seems that it didnt receive the data Im sending, but when I`m in the console of the original site I can make the POST via $.Ajax and it returns me the number.
If I make the request via console in the browser but in another page, it says that because of CORS policy it can't be completed.
Here is the POST request in the site itself:
$.ajax({
url: '../lote/prepararEmissao',
method: 'POST',
dataType: 'json',
data: [
{ name: "guias[1]", value: "1" },
{ name: "guias[2]", value: "2" },
{ name: 'protocolo', value: "2000849149" }
],
cache: false,
success: function (retorno) {
// ...
},
error: function (err) {
// ...
}
})
The result:
{ success: true, numeroProtocolo: "2000849149" }
Here is the one I`m trying to make, and get the error:
$.ajax({
url: 'http://www.testegnre.pe.gov.br/gnre/v/lote/prepararEmissao',
method: 'POST',
dataType: 'json',
data: [
{ name: "guias[1]", value: "1" },
{ name: "guias[2]", value: "2" },
{ name: 'protocolo', value: "2000849149" }
],
cache: false,
success: function (retorno) {
// ...
},
error: function (err) {
// ...
}
})
The return:
data: { success: false, mensagem: 'Protolo de recebimento do lote não informado.' }
I suspect that the page send some additional information in the headers, or something like it.
So the question is, can I bypass that CORS policy or simulate that I am in the page, to make the request?
The URL: http://www.testegnre.pe.gov.br/gnre/v/lote/consultar (Its a page specifically for testing)
