76850

CORS “No 'Access-Control-Allow-Origin' header is present” yet there is

These three headers are added using PHP

header('Content-Type: application/json; charset=UTF-8;'); header('Access-Control-Allow-Methods: GET, POST'); header('Access-Control-Allow-Origin: *');

All the headers sent are:

HTTP/1.1 200 OK Date: Mon, 30 Jun 2014 06:39:29 GMT Server: Apache X-Powered-By: PHP/5.3.28 Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0 Pragma: no-cache Access-Control-Allow-Methods: GET, POST Access-Control-Allow-Origin: * Vary: Accept-Encoding,User-Agent Content-Encoding: gzip Cache-Control: max-age=1, private, must-revalidate Content-Length: 20 Keep-Alive: timeout=3, max=100 Connection: Keep-Alive Content-Type: application/json; charset=UTF-8;

Yet when trying to use $.json or $.post to target this server, I get this error in the Chrome Console:

XMLHttpRequest cannot load http://cms.webdevguru.co.uk/gurucms.php?mode=addto&apikey=606717496665bcba. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://remote.webdevguru.co.uk' is therefore not allowed access.

I know this is a possible duplicate of a few other questions, but since I have gone through many of them and tried a few things out of them to try and fix this: I would appreciate some specific replies to deal with my issue at hand.

As Joachim Isaksson figured out, its because the initial headers consist of a 301 Redirect, is there any way to force the request to follow the Redirect before checking for the Access-Control-Allow-Origin headers?

Answer1:

The reason CORS isn't working is that your link gives a "301 Moved Permanently" without a CORS header, redirecting to another link.

The link it redirects to sends the header, however it seems CORS has already given up the preflight on the first response.

Passing back a "Access-Control-Allow-Origin" header with the 301 may solve your problem, that should allow the preflight to continue.

Recommend

  • apache won't start
  • How to generate a range of nonweekend dates using tools available in bash?
  • Is it possible to plot two variables using a third one as filter in R?
  • babeljs doesn't transpile extended classes properly [duplicate]
  • set ruby hash element value by array of keys
  • Hide UIView starting from Bottom on Scroll
  • Getting rollback in creating shortcuts on installation of node js in windows 7
  • MSVC 2015 /Wall has lots of not useful messages
  • XMPP push notifications causing problems (delay + duplications) in messages
  • LDA: Why sampling for inference of a new document?
  • Interpret strings as packed binary data in C++
  • C++: Use input string as variable name
  • Iterate twice through a DataReader
  • Is there a way to choose which files are displayed to the user via the standard OPENFILE dialogs?
  • Setting WPF Window Background to Resource Dictionary Brush User Setting
  • HttpClient: disabling chunked encoding
  • Yii2: Finding file and getting path in a directory tree
  • Clear fused location provider's location for testing
  • Clear activity stack before launching another activity
  • Angular2 Response for preflight is invalid (redirect) from some GET requests
  • android.support.v7.widget.Toolbar VectorDrawableCompat IllegalStateException when using support lib
  • How do I configure context broker accept post requests from my remote sensor?
  • How to avoid particles glitching together in an elastic particle collision simulator?
  • Recording logins for password protected directories
  • How do I change content of ComboFieldEditor?
  • Splitting given String into two variables - php
  • Encrypt data by using a public key in c# and decrypt data by using a private key in php
  • Check if a string to interpolate provides expected placeholders
  • SSO with signing and signature validation doesn't work
  • Deserializing XML into class C#
  • Weird JavaScript statement, what does it mean?
  • Do I've to free mysql result after storing it?
  • SQL merge duplicate rows and join values that are different
  • Memory offsets in inline assembly
  • Authorize attributes not working in MVC 4
  • How can I remove ASP.NET Designer.cs files?
  • Busy indicator not showing up in wpf window [duplicate]
  • costura.fody for a dll that references another dll
  • Python/Django TangoWithDjango Models and Databases
  • Net Present Value in Excel for Grouped Recurring CF