Cross Origin Domain Blocking error with AJAX - ajax

Could anyone please tell me what I am doing wrong:
I'm using the following code and getting a Cross Origin Domain Blocking error. And no I don't have the ability to enable CORS on the Server Im getting data from. But when I use the URL by itself, I get the data I am after, it's just not working with AJAX, Im trying to use JSONP to get around the issue:
$(document).ready(function () {
$.ajax({
url: "https://serveraddress/remote-json.cfm?do=gettimetable",
dataType: "jsonp",
jsonpCallback: "logResults"
});
});
kind regards,
Brad

You can use back-end to solve this problem. This back-end(php, java, nodejs, curl...) implement a httpclient to getting data from any server.
I try to set "useDefaultXhrHeader: false", it is the configuration ajax.

Related

Submit form to REST API

Hi i have the following code
var dataString = "email=jdoe#example.com&fname=John&lname=Doe&phone=7851233&vid=726&size=2&date=2013-05-28%202:15%20PM&request=Testing%20A%20Message";
$.ajax({
type: "GET",
timeout: 5000,
url: "http://www.livepicly.com/app/api.php?method=add_reservation",
data: dataString,
success: function(data, textStatus) {
alert(data.result);
},
error: function(xhr, textStatus, errorThrown){
alert("ERROR");
}
});
return false;
Where basically i would like to submit a piece of string to this URL:
http://www.livepicly.com/app/api.php?method=add_reservation
The formatted string (as displayed by firebug) is like this:
http://www.livepicly.com/app/api.php?method=add_reservation&email=jdoe#example.com&fname=John&lname=Doe&phone=7851233&vid=726&size=2&date=2013-05-28%202:15%20PM&request=Testing%20A%20Message
When the string is executed via browser (straight copy-pasting) it works perfectly. It displayed the corresponding message.
However, when i execute the code, it always returns error. Does anyone know why this happen?
Cheers,
The API in question is not RESTful.
Anyway, your problem is a combination of factors. What it definitely is NOT is the API actually throwing an error, as all errors are returned as 200 status codes. (Not RESTful Point #1). So, even if livepicly returned an error, it'd still count as success on jQuery handlers.
In no particular order:
The API is not throwing Access-Control-Allow-Origin headers. It does not support JSONP either. (This can be seen by querying http://www.livepicly.com/app/api.php?method=add_reservation&callback=test ). This will completely prevent jQuery from loading any data of performing any queries to the API due to cross-domain restrictions
That's the only thing that is failing! This is also completely preventing jQuery usage. You'll need to make a choice to go around this one, which may or may not include:
Proxying the API locally. This is trivial if your webserver is running thanks to Apache or nginx. For Apache, use ProxyPass and ReverseProxyPass directives using mod_proxy, or use a rewrite rule with the [P,L,QSA] set of flags. On nginx, use the proxy_pass directives. If you have access to neither, proxy it using curl through PHP.
Giving the developers of the API a slap in order for them to simply add Access-Control-Allow-Origin: * to the headers, which will make your call work
Giving the developers of the API a slap in order for them to support JSONP
Overall, just point them to https://en.wikipedia.org/wiki/Representational_state_transfer and give them a slap for me. Please?

jQuery ajax POST from local file to access a cross domain not working

As the title says, I'm trying to access (POST) using jQuery AJAX call to a web url, http://host:port/... or http://localhost:8080/... from a local HTML file, c:\home.html. I can't get it to work.
I did Google and also saw several questions here but I can't get it to work. I need some help here. Here is what I've tried so far.
dataType: jsonp
crossDomain: true
Setting the header in my response:
response.setHeader("Access-Control-Allow-Origin", "*");
None of the three browsers are working - IE, FF or Chrome. The request is never reaching the server. Here are some of the errors I'm seeing.
No Transport (IE) if not jsonp is used.
NS_BINDING_ABORTED / Error loading content (NS_ERROR_DOCUMENT_NOT_CACHED) in FF
This is my code. I would appreciate any help. I'm using jquery-1.8.2.min.js.
var http_host = "http://localhost:8080";
function su (pc, p) {
var suUrl = http_host + "/ps/api/v2/authorize.json";
$.ajax({
type: 'POST',
url: suUrl,
data: {
phone_cell: pc,
password: p,
},
dataType: "json",
crossDomain: true,
success: osu,
error: oe
});
return false;
}
function osu (d) {
console.log(d);
}
function oe(xhr, ts, et) {
alert("ServerError: " + et);
}
An example would be a perfect pointer.
I suppose my code got messed up w/ all the different solutions that I was trying. I was finally able to get it to work w/ setting the header (solution that was recommended and worked for others). All that I had to do to get it to work is add the following to my REST service response.
response.setHeader("Access-Control-Allow-Origin", "*");
Update:
I thought I figured this out but I've not. There is more it than just setting the header. Anyways, in my specific situation. I was trying to run my app (html, js) off of the hard drive specifically on chrome and trying to access web services available on the cloud.
Here is how I finally solved the problem. I started the chrome w/ the following parameters.
--disable-web-security -–allow-file-access-from-files
Like I mentioned earlier, this app is really a desktop application that will be run as part of the chromium embedded framework.
Thanks every one for your input.
You can't make a cross-domain request from a local file because it's not on a domain. You need to host C:\home.html on a local webserver instance in order for it to work.

$.ajax with JSONP causes IE8 to throw security warning

I have a https site. I'm running LifeRay on Tomcat. I'm using the following URL:
http://gdata.youtube.com/feeds/api/videos/ID?v=2&alt=jsonc
and
jQuery.ajax({
url: URL,
dataType: 'jsonp',
async: false,
success: function (obj) {
processData(obj);
}
});
to get the data and then processing it. It works on all the browsers. The only problem is that I get a security warning in IE8.
Question 1: Is there any way to get the JSON data securely and processing the data without IE throwing any warning messages?
Question 2: How and where can I set this: Access-Control-Allow-Origin: http://youtube.com, so that maybe IE won't throw any warning messages?
Try using
https://gdata.youtube.com/feeds/api/videos/ID?v=2&alt=jsonc
Since you are in https, IE wants all resources accessible within that domain to be secured. I feel previously you were using http:// in the request URL of youtube. Change it https, it may solve the security warning issue.
If a secure page loads any nonsecure resource, its going to throw the warning. The only way to get around it is to load everything from https.
Here you are trying to load a non secured resource (http://gdata.youtube....) in the secured website.
HTH

GData API and cross-domain ajax calls

I want to get xml data from google server using it's API. so, i can't make any changes to response. So, How do I make this call that work for me:
$.ajax({
type: 'POST',
url: 'https://www.google.com/accounts/ClientLogin',
contentType: 'application/x-www-form-urlencoded',
data: { accountType : "HOSTED", Email : ""+Adminemail+"", Passwd : ""+adminpass+"", service : "cp"}, // cp for contact service..
success: function (response) {
alert(response); });
I want make some GET, PUT, DELETE call as well so, I don't want to use any function like $.getJSON();I want to make it possible through $.ajax() only.
I think only way to do this is use of server side scripting language.
Most browsers won't allow cross site scripting. (An ajax call that is not in your own domain).
So if you want to call such an url (https://www.google.com/accounts/ClientLogin), do it server side.
Cross domain posting is blocked by the browser. You could write your own browser. Since this is probably not an option, you could post to your own server and from there post to the other server. I think you can post data to another server using cUrl if you're using PHP.
There's a nice example here.
The third party must provide a jsonp api.

Extjs to call a RESTful webservice

I am trying to make a RESTful webservice call using Extjs. Below is the code i am using:
Ext.Ajax.request({ url: incomingURL ,
method: 'POST',
params: {param1:p1, param2:p2},
success: function(responseObject){
var obj = Ext.decode(responseObject.responseText);
alert(obj);
},
failure: function(responseObject){
var obj = Ext.decode(responseObject.responseText);
alert(obj);
}
});
but it does not work, the request is sent using OPTIONS method instead of POST.
I also tried to do the same thing using below code but result is the same:
var conn = new Ext.data.Connection();
conn.request({
url: incomingURL,
method: 'POST',
params: {param1:p1, param2:p2},
success: function(responseObject)
{
Ext.Msg.alert('Status', 'success');
},
failure: function(responseObject)
{
Ext.Msg.alert('Status', 'Failure');
}
});
But when i tried to do the same thing using basic ajax call ( using the browser objects directly i.e. XMLHttpRequest() or ActiveXObject("Microsoft.XMLHTTP")) it works fine and i get the response as expected.
Can anyone please help me, as i am not able to understand what i am doing wrong with extjs ajax call?
You can't make a standard AJAX call between domains. The URL for Ext.Ajax.request should be a relative one (relative to the script's origin).
If you want to do cross-domain calls, use a ScriptTagProxy or such.
The problem is exactly because of the reason ob1 and Chuck Hinson described.
I have an RESTful service, wich is running on Tomcat.
And i made a static client(no deployed to Tomcat) using ExtJs with Json reader.
I just made an html page with ExtJs integrated consuming REST service like url: http://localhost:8080/service/invoices/
And all the time ExtJs was making OPTIONS request, not GET or POST even if i was setting them as being used methods. The problem is this security feature, because Client is not the part of same application and i am doing AJAX call between domains.
As soon as i put my client to my Web application and deployed to Tomcat and started using relative calls it started working.
if you don't want cross-domain request, please remove the website prefix 'http://website' from propery url of ajax proxy.

Resources