Cross domain POST request is not sending cookie Ajax Jquery
You cannot set or read cookies on CORS requests through JavaScript. Although CORS allows cross-origin requests, the cookies are still subject to the browser's same-origin policy, which means only pages from the same origin can read/write the cookie. withCredentials
only means that any cookies set by the remote host are sent to that remote host. You will have to set the cookie from the remote server by using the Set-Cookie
header.
How to send a cross domain ajax request
put it on top of config.php
header('Access-Control-Allow-Origin: *');
Cross Domain XML POST
To enable cross-domain requests, you'll need to not only add the 'Access-Control-Allow-Origin' to XXX, but you'll also need to make sure that the domain that you're submitting your request from, is allowed.
More information can be found here.
Workaround for Cross Domain Request
CORS (Cross-Origin Resource Sharing) is a system, consisting of transmitting HTTP headers, that determines whether browsers block frontend JavaScript code from accessing responses for cross-origin requests. (https://developer.mozilla.org/en-US/docs/Glossary/CORS)
You cannot inject JavaScript into a window when cross-origin resource sharing is disabled and this is by design.
Possible workarounds:
- Change CORS headers on the server of Urltwo
Fetch source of Urltwo via an HTTP request and render it in a blank iframe (applicability will vary). Edit: If the request is initiated from JavaScript, this will be subject to CORS as well.
If you have access to the server serving Urltwo
, changing CORS settings is the best solution.
If you do not have access to the server, but you can edit the document served at Urltwo
, you can communicate between the documents via document.postMessage
(https://developer.mozilla.org/en-US/docs/Web/API/Window/postMessage) or by encoding information in the URL (query string or hash).
If you have access to neither, you can use a proxy that fetches the contents at Urltwo
, sents the correct CORS headers and sends the result back to you.
What triggers cross-domain violation when AJAX request?
Due to this:
A resource is cross-origin when it's located at a different
(sub)domain, protocol, or port!
You should also use exact match host
so http://www.example.com/bar
doesn't work out.
Take a look at this to see more examples.
You should not get CORS in the A
option.
And also this article fully describing CORS.
Related Topics
How to Remove All Duplicates from an Array of Objects
Aren't Promises Just Callbacks
How to Return Many Promises and Wait For Them All Before Doing Other Stuff
How to Create a Two Dimensional Array in JavaScript
_Proto_ Vs. Prototype in JavaScript
Getting the Client'S Time Zone (And Offset) in JavaScript
Addeventlistener Calls the Function Without Me Even Asking It To
JavaScript Raises Syntaxerror With Data Rendered in Jinja Template
Explanation of 'Let' and Block Scoping With For Loops
Canvascontext2D Drawimage() Issue [Onload and Cors]
Methods in Es6 Objects: Using Arrow Functions
Check Variable Equality Against a List of Values
How to Disable Scrolling Temporarily
How to Get Jquery to Perform a Synchronous, Rather Than Asynchronous, Ajax Request