Thursday, 15 May 2014

javascript - CORS, IIS7 and PHP - Access-Control-Allow-Origin error -



javascript - CORS, IIS7 and PHP - Access-Control-Allow-Origin error -

i'm trying allow host (a local host, javascript.dev) create xhr host, iis7 , if curl -i it, headers:

http/1.1 200 ok content-length: 0 content-type: text/html; charset=utf-8 server: microsoft-iis/7.0 x-powered-by: php/5.3.28 access-control-allow-origin: * access-control-allow-methods: get, put, post, delete, options access-control-max-age: 1000 access-control-allow-headers: * x-powered-by: asp.net date: fri, 20 jun 2014 12:09:33 gmt

this headers curl -v -x options:

* connect() www2.xxxxxxxxxxxx.com.br port 80 (#0) * trying 200.98.xxx.100... * connected www2.xxxxxxxxxxxx.com.br (200.98.xxx.100) port 80 (#0) > options /jobs/xxxxxxx/user/ http/1.1 > user-agent: curl/7.30.0 > host: www2.xxxxxxxxxxxx.com.br > accept: */* > < http/1.1 200 ok < allow: options, trace, get, head, post * server microsoft-iis/7.0 not blacklisted < server: microsoft-iis/7.0 < public: options, trace, get, head, post < x-powered-by: asp.net < date: fri, 20 jun 2014 13:01:25 gmt < content-length: 0

i used php alter access-control-allow-origin, when xhr, or without jquery, error i'm getting:

xmlhttprequest cannot load http://www2.xxxxxxxx.com.br/jobs/xxxxxx/user/. no 'access-control-allow-origin' header nowadays on requested resource. origin 'http://javascript.dev' hence not allowed access.

to document, additional steps made solve:

i added code in reply above web.config , error:

xmlhttprequest cannot load http://www2.madeinweb.com.br/jobs/eminhasaude/user. request header field content-type not allowed access-control-allow-headers.

because access-control-allow-headers don't take wildcards *. solve:

<add name="access-control-allow-headers" value="origin, x-requested-with, content-type, accept" />

based upon comments looks you're missing access-control-allow-origin header when options request submitted. according this article should simple case of adding next code php page...

<?php header('access-control-allow-origin: *'); ?>

if still doesn't work should check iis handler mapping php (see here) , create sure options allowed verb. job!

this article indicates skip modifying php @ , add together next web.config:

<system.webserver> <httpprotocol> <customheaders> <add name="access-control-allow-origin" value="*" /> <add name="access-control-allow-headers" value="*" /> <add name="access-control-allow-methods" value="get, put, post, delete, options" /> <add name="access-control-max-age" value="1000" /> </customheaders> </httpprotocol> </system.webserver>

be aware open entire site rather 1 page...

javascript php iis-7 xmlhttprequest cors

Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)