w3hello.com logo
Home PHP C# C++ Android Java Javascript Python IOS SQL HTML videos Categories
Cross origin request with AJAX, JQuery, Apache & basic authentication
Maybe you should try this? It works fine on my Apache server: Header always set Access-Control-Allow-Headers "Authorization, X-Requested-With, Content-Type, Accept, Origin" Use Access-Control-Allow-Headers instead of Access-Control-Request-Headers.

Categories : Jquery

Cross-origin image load denied by Cross-Origin Resource Sharing policy
If you wish to load cross-origin images to a canvas, you need to either serve the image with cross-origin headers or under the same origin. That image under Facebook is served with the following header option set: Access-Control-Allow-Origin:* Meaning, it can be cross-origin loaded with the useCORS option. However, it would appear that your Host B isn't serving them with cross-origin headers set.

Categories : Javascript

Cross Origin Request being made without CORS
Provided the request is a 'simple method' (GET/HEAD/POST) and the headers are all 'simple headers', then the browser can follow the 'simple' steps for the request, which don't include an OPTIONS pre-flight.

Categories : Ajax

Cross Origin Request with Kohana and JavaScript
The Problem The problem I was having was due to a setting in my Apache config file which looked like this: <IfModule mod_headers.c> Header set Access-Control-Allow-Origin "*" </IfModule> In order to solve my particular problem I simple removed / commented out the above code as it was overriding the headers I sent from PHP. My implemented solution was then quite simple. In the following example we'll assume that I am making a call from one.example.com (the main website) to two.example.com (a sub-site). Kohana / PHP In my PHP I set the following headers, I've chosen to do this in my parent Controller. You could create your own Cors class or helper if you prefer. Basically you don't want to have this code duplicated hundreds of times throughout your project. $this->

Categories : Javascript

Two ASP.NET web applications - Cross origin request always succeeds without discretion
Cross-sub-domain requests are still considered cross-domain requests as different sub-domains can point to entirely different IPs and servers. You'll definitely get errors if you don't set up CORS properly in your production setup. Edit: To properly emulate production setup, you'll need to play with the IIS binding configuration. If you can't get it working, you shall try a VM for hosting the api.hybridwebapp.com, which will definitely work as CORS is triggered automatically between different servers.

Categories : Asp Net Mvc

Blocked a frame with origin "https://www.facebook.com" from accessing a frame with origin "http://myapp.herokuapp.com"
Pretty old question, but it's still open- so In case you didn't see this answer already, Mademoiselle Geek is spot-on. A quick double-check on my heroku app verifies that you can, in fact, just type https: instead of http: and it will accept an SSL connection automatically- no set up required. The only thing you do have to set up is in your Facebook.js.coffee- this section.. initializeFacebookSDK = -> FB.init channelUrl : 'http://app.heroku.com/page/fbchannel' Change to.. initializeFacebookSDK = -> FB.init channelUrl : 'https://app.heroku.com/page/fbchannel' Then, depending on your operating system (I use linux) do a quick grep search (or search the text of files within a directory) for http://app.heroku and change it to https, just to be safe.

Categories : Ruby On Rails

JQuery AJAX request to Sinatra app blocked by CORS
I have found the answer to my problem. Initially, I was adding the header information to the Passenger web server via my sites-available/defaults file, and the Sinatra web service routes. Having set the CORS response headers in both places caused my response headers to have duplicate header information about the allowed origin, methods, etc. Once I removed the headers from the web server, and left them on the web service routes, my requests went through.

Categories : Jquery

Not cross-domain. XMLHttpRequest cannot load localhost:portNo1 . Origin localhost:portNo2 is not allowed by Access-Control-Allow-Origin
Well, that's the problem. Cross-origin restrictions do not allow you to communicate across ports without sending a Access-Control-Allow-Origin: * header. A better solution would be to use Nginx or some other webserver to reverse proxy those two running applications to the same domain and port.

Categories : Javascript

"XMLHttpRequest cannot load Origin is not allowed by Access-Control-Allow-Origin" Error for invoking SOAP request
You'd need to modify your GET request to be a JSONP request. How to make a JSONP request from Javascript without JQuery?

Categories : Rest

Access-Control-Allow-Origin after jQuery AJAX HEAD request
If you make the request using PHP running on your server then the request comes from you. If you make the request using JavaScript running in your visitor's browser, then the request comes from your visitor … with your visitor's identity … and your visitor's credentials … but the data would still be available to your code. If the browser let you access data from arbitrary websites, then you could access your visitor's private information on those sites. Access-Control-Origin allows a server to state that the data available for a given URI is not private, so JavaScript running on other sites is allowed to access it.

Categories : PHP

Cross Domain ajax request with jquery
Put this in your JS: <script> jQuery.support.cors = true; $(document).ready(function(){ //stuff } </script>

Categories : Jquery

Issue with IE8-9 & "Cross Domain" jQuery/AJAX Request
Ended up using this code sample to address my issue. Thanks to everyone for the help! $.ajax({ type: "POST", xhr: (window.ActiveXObject) ? function() { try { return new window.ActiveXObject("Microsoft.XMLHTTP"); } catch(e) {} } : function() { return new window.XMLHttpRequest(); }, url: ajaxurl, data: post, beforeSend: function(){ }, success: function(returndata){ } });

Categories : Jquery

Cross Domain GET request to ASP.NET web service from jQuery failing
You need to serialize service output using custom code. These links can help you: http://www.codeproject.com/Articles/43038/Accessing-Remote-ASP-NET-Web-Services-Using-JSONP JSONP & ASMX Web Service

Categories : Asp Net

IE8 & 9 Security Issue with jquery AJAX "Cross Domain" request
You can do couple of things, crossdomain.xml well they didn't work well for me, there is HTML Header for it, I didn't remember, but the easiest thing I remember is to use getJSON method of Jquery or using JSONP, JSONP request are independent in these sense and works well for me thus far.

Categories : Jquery

jQuery Cross Domain Request to get JSON Response without Callback
This won't work in all browsers, but depending on which version of JQuery you're using try: $.support.cors = true; Obviously this also depends on the headers of the server response.

Categories : Ajax

Error in making cross domain request using jquery for json content
That doesnt answer your question directly but its also a way to achieve what you're trying: You can use: /* java side: */ $.getJSON("URL?some_call_back_function=?", dataToPass, function(data){ // do whatever you like.. }); /* php side: */ if(isset($_GET['some_call_back_function']) && $_GET['some_call_back_function'] != ''){ $someJsonToReturn = array('Something'=> "something"); echo $_GET['some_call_back_function'].'('.json_encode($someJsonToReturn ).')'; } i hope that helps. i use that usually when i want cross domain. here is the jquery API for it: getJson API

Categories : Javascript

Using jQuery/Jsonp to send cross-domain request and parse result?
The first warning is normal if the remote end does not set the correct Content-Type header for its JSONP output. It's just a warning, it causes no harm. If the second error is from trying to access the stackoverflow website then that error is simply because you're trying to throw HTML code at the JS interpreter. Note that a JSONP request must receive JSON in the form of a valid JS script. It won't work with any other type of input. For security reasons you cannot access other types of resource from other origins unless those resources send the appropriate Access-Control-Allow-Origin HTTP headers.

Categories : Ajax

jQuery cross domain AJAX request fails with XMLHttpRequest cannot load error
Your best bet is to create a REST/JSON service on your own web server that simply returns the remote results from Google's API. That way any cross-domain problems are avoided and you have more control over future changes to the API (you can for example reformat the content to suit your own nefarious uses:)).

Categories : Jquery

Origin is not allowed by Access-Control-Allow-Origin , jquery mobile
You can force Google Chrome to not moan about Cross-domain-origin(s) Adding this flag --disable-web-security when running chrome will allow you to test successfully. I've added it to the target variable of my Chrome shortcut on my desktop like so: "C:Program Files (x86)GoogleChromeApplicationchrome.exe" --disable-web-security Hence everytime I start Chrome it automatically is started with this flag in place and I can test cross-domain ajax calls without any issues.

Categories : Jquery

Phonegap - InAppBrowser - Cross Origin Policy
Not necessarily needed, Check the _self description window.open( strUrl, strWindowName[, strWindowFeatures]) strWindowName: "_self" -> opens in the Cordova WebView if strUrl is in the white-list, else it opens in the InAppBrowser "_system" -> always open in the system web browser "_blank" -> always open in the InAppBrowser

Categories : Android

Why can't I make cross origin requests to an API hosted in IIS?
IIS (including the one in your Azure web site) has a default OPTIONS handler. You will need to remove it in Web.config. It answers the OPTIONS call before your message handler has an opportunity to respond. <configuration> ... <system.webServer> <handlers> <remove name="OPTIONSVerbHandler" /> ... </handlers> </system.webServer> </configuration>

Categories : Asp Net Mvc

Cross Origin Requests in Snap Framework
You can set the appropriate headers using Snap's header manipulation functions.

Categories : Haskell

AngularJS and Phonegap Cross Origin Access
When accessing web services from mobile website, they should either have access origin allow true set or jsonp enabled in php (much secure way). Since unlike the app, mobile website JavaScript would not have access to other domains through browsers. check these links: allow cross domain ajax requests

Categories : Angularjs

expand templates and wikitext to html in wikipedia (Replicating wikipedia)
All MediaWiki API queries that can be executed as GET requests can also use POST. And I think the API module you want is action=parse. Something like: URL: http://en.wikipedia.org/w/api.php POST data: action=parse&text=your text

Categories : Misc

Cross domain jQuery $.ajax request fails for PUT (Method PUT is not allowed by Access-Control-Allow-Methods.)
Apparently the browser first sends an OPTIONS request to find out if PUT (or DELETE) requests are allowed. Since I had not allowed the OPTIONS method in Access-Control-Allow-Methods it failed and so did the PUT request after in Firefox. Adding OPTIONS to Access-Control-Allow-Methods solved the problem: header('Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS');

Categories : Jquery

Methods of removing the youtube iframe api console error - "blocked a frame with origin..." in chrome console
I had a similar error where the JS error was: Blocked a frame with origin "https://www.youtube.com" from accessing a frame with origin "http://www.yourdomain.com". The frame requesting access has a protocol of "https", the frame being accessed has a protocol of "http". Protocol/Protocols must match, YouTube has CORS (Cross Origin Resource Sharing) enabled to allow across domains. Try getting rid of the https:// in your YouTube iframe tag? You could also take a look at your closing iframe tags. Iframe tags are not singleton tags and must end with a </iframe> and not a />.

Categories : Javascript

canvas has been tainted by cross-origin data work around
To satisfy CORS, you can host your images on a CORS friendly site like dropbox.com Then the security error will not be triggered if you speify image.crossOrigin="anonymous": var image=new Image(); image.onload=function(){ } image.crossOrigin="anonymous"; image.src="https://dl.dropboxusercontent.com/u/139992952/stackoverflow/colorhouse.png"; Here is code and a Fiddle: http://jsfiddle.net/m1erickson/4djSr/ <!doctype html> <html> <head> <link rel="stylesheet" type="text/css" media="all" href="css/reset.css" /> <!-- reset css --> <script type="text/javascript" src="http://code.jquery.com/jquery.min.js"></script> <style> body{ background-color: ivory; } #canvas{border:1px solid red;} </style> <script>

Categories : Javascript

Cross-domain origin error with Firefox add-on in localhost?
XMLHttpRequest and by that $.ajax in content scripts are limited by the same-origin policy/CORS. You'll either have to implement CORS on your localhost. (Not quite sure if CORS actually works in panels with a local URI, though...) Or use the request module. Using the request module will require some message passing between the lib script and the content script. Or wait for the new permissions introduced in Firefox-24.

Categories : Jquery

"Cross origin are only supported for HTTP" and "DOMException.NETWORK_ERR 19"
Depending on which browser you're using, it might be an expected behaviour. Pretty much all browsers, given a local file path, try to open the file via file:// protocol. I know that WebKit treats the file:// protocol as unsafe (i.e. you can't make the AJAX requests to this protocol regardless of where the file actually is). Gecko allowed you for subdirectories last time I checked and I'm not sure about IE The best solution would be to access the files via http://localhost instead, as behaviour of HTTP protocol is much more reliable. Both in your JS code and when you open the page in the browser.

Categories : HTML

Cross-Origin Resource Sharing with Spring Security
I was able to do this by extending UsernamePasswordAuthenticationFilter... my code is in Groovy, hope that's OK: public class CorsAwareAuthenticationFilter extends UsernamePasswordAuthenticationFilter { static final String ORIGIN = 'Origin' @Override public Authentication attemptAuthentication(HttpServletRequest request, HttpServletResponse response){ if (request.getHeader(ORIGIN)) { String origin = request.getHeader(ORIGIN) response.addHeader('Access-Control-Allow-Origin', origin) response.addHeader('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE') response.addHeader('Access-Control-Allow-Credentials', 'true') response.addHeader('Access-Control-Allow-Headers', request.getHeader('A

Categories : Java

Why does my cross-domain postMessage only work when passing "*" as origin parameter?
The second pram is targetOrigin, this is a security restriction to stop your message being intercepted. It should be set to the domain of the window the message is being sent to rather than the one it is coming from. Here's an example using an iframe to set the second field, that takes the src value from the iFrame and chops it down to being protocol + domain + port. Which is what is required to set target origin. var target = iframe.src.split('/').slice(0,3).join('/'); iframe.contentWindow.postMessage('foo', target);

Categories : Javascript

how to find most searched articles which are NOT yet in wikipedia using php and wikipedia api?
How about keeping track of "searched but not found" searches in a DB table and the number of times they're searched in a separate field? This can be done very easily. But then you have to handle the difference in titles people will search for, or simply split them into words and keep track of the words only (ignoring grammatical propositions etc)

Categories : PHP

How to get information in info box of Wikipedia articles using Wikipedia api?
The MediaWiki API doesn't understand infoboxes. So, you have basically two options: Parse the infobox yourself. You can either parse the wikitext directly or the generated HTML table (both are available from the API). Let somebody else do the parsing. This is exactly what DBPedia does. Wikidata tries to do something similar, but it probably won't contain enough data to be usable for a long time; see growth statistics.

Categories : Misc

CORS - Cross-Domain AJAX Without JSONP By Allowing Origin On Server
There is no need to use JSONP if you enable CORS. Access-Control-Allow-Origin: http://www.example.com if this header is set in the response, then normal XmlHttpRequest will be able to access the response as if it is like same domain. Check whether this header is set correctly. I hope that this link will help you if you are using jquery A CORS POST request works from plain javascript, but why not with jQuery? Update: Example var xmlhttp= new XMLHttpRequest(); var url="https://developer.mozilla.org/en-US/docs/HTTP/Access_control_CORS?redirectlocale=en-US&redirectslug=HTTP_access_control"; xmlhttp.open("GET",url,false); xmlhttp.setRequestHeader("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8"); xmlhttp.send(); Try this in any domain, you will get response. Upd

Categories : Javascript

Cross Domain XHR failing inspite of Access-Control-Allow-Origin header
For any arbitrary request (given the mix of Amazon and Stack Overflow in the question), CORS may not be enough as it's actually the remote server that has to give the permission. For the 2nd request to succeed, stackoverflow.com would have to include relevant Access-Control-Allow-* headers in their responses that give your website permission to make the request. And whether those are included in the response or not is entirely up to Stack Exchange, in this case. Also, by including Access-Control-Allow-Origin: * in the response, you're actually allowing other websites to request your page from their origin. What you may need is a "proxy" script on your server. You can find a generalized solution from Ben Alman: http://benalman.com/projects/php-simple-proxy/ https://github.com/cowboy/

Categories : Javascript

IE10 and Cross-origin resource sharing (CORS) issues with Image / Canvas
Confirmed: IE10 does not support CORS images in an HTML 5 canvas. See RReverser's answer for a workaround. Edit Sorry, I haven't dealt with CORS images before and thought this question was about an AJAX request. According to Mozilla Developer Network you need to set image.crossOrigin to anonymous or use-credentials. Also, according to that page today, these attributes are not supported in IE, Safari, or Opera. This test was made to demonstrate that IE9 did not support it and it seems that same test still fails in IE10, so even if Safari and Opera have added support since the MDN article was written, it is quite possible that IE10 still lacks support. The only tip I can give you is that in general, allow-credentials is incompatible with a wildcard allow-origin. Either drop the allow-c

Categories : Javascript

SEC7118: XMLHttpRequest for /socket.io/1/?t=1370206038749 required Cross Origin Resource Sharing (CORS)
AFAIU, SEC7118 is not an error but just a notification. I've googled but didn't find the code reference on any MS site; anyway you can find 7118 messages when CORS works fine for IE10. This document focused on CORS and IE10 clarify what I mean (and it's definitely worth reading): http://blogs.msdn.com/b/ie/archive/2012/02/09/cors-for-xhr-in-ie10.aspx Anyway, I've found your issue when troubleshooting some sort of nodejs chat (actually, a BOSH backed js chat client) on IE10. In my case turned out that IE10 prepends "NS1:" to some xml attributes when sending requests, breaking things up. So, you should carefully check your xml payload looking for subtle differences (like the one we found) between IE10 and other (working) browsers. Hope this helps.

Categories : Node Js

Laravel Response::json gives cross domain error i browser even if header is Access-Control-Allow-Origin:*
This example works for me you may try this. public function getOwnlist(){ $images = User::with('images.category')->find(Auth::getUser()->getAttribute('id')); return Response::json($images, 200, array('Access-Control-Allow-Origin' => '*')); } Also, I highly recommend setting those on the constructor of your Controller Base instead of setting the headers in each response. Or you can create one only to serve API and extend from it. Should be something like: protected $response; // This is a global variable on you BaseController // This goes on your BaseController constructor $this->response = Response::make(); $this->response->headers->add(array('Access-Control-Allow-Origin', '*'); I found some issues with Cross Domain AJAX while using jQuery, it only works

Categories : Ajax

Sending Post Request from Chrome Extension (Origin?)
If you cannot change the headers of the server, the only way to request it is to use jsonp. You can find more information about this here: What is JSONP all about?

Categories : Javascript

Identifying the origin of a focus request in Java Swing UI
I had a similar problem, at the end I just specified the focus hierarchy and took all control over focusing from java. It goes a little something like this: // Setting The FOCUS Order. Vector<Component> order = new Vector<Component>(7); order.add(projectNameJTextField); order.add(companyJTextField); order.add(orderedByJTextField); order.add(phoneJTextField); order.add(jRadioNormalPriority); order.add(jRadioHighPriority); order.add(jCheckBox1); order.add(jCheckBox2); order.add(jCheckBox3); order.add(jCheckBox4); order.add(jCheckBox5); order.add(jCheckBox6); order.add(textDetailJTextArea); order.add(technitianJComboBox); order.add(aproxTimeJTextField); order.add(sendButton); // Sending the costume foc

Categories : Java



© Copyright 2017 w3hello.com Publishing Limited. All rights reserved.