Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

403 Status (Forbidden) when PUT and DELETE using AJAX

I've implemented a small REST API using JAX-RS (Jersey 2.0) and I'm using AJAX to call the API, GET and POST work fine but when I get to call any PUT or DELETE methods, all I get is the following error message:

Failed to load resource: the server responded with a status of 403 (Forbidden)

Here's an example of a DELETE method in Java:

    @Path("/deleteSomething")
    @DELETE
    @Consumes("application/json")
    public void delete(String json) throws ParseException {
        JSONParser parser = new JSONParser();
        Object obj = parser.parse( json );
        JSONObject object=(JSONObject)obj;

        String id = (String) object.get("id");
        System.out.println("ID  :   " + id);
        //DO SOMETHING HERE
    }

And here is the Javascript call using AJAX:

function deleteSomethingAjax() {
    $.ajax({
        url: API_URI + "/deleteSomething", //API_URI is the API's uri
        contentType : 'application/json',
        data: idToJSON(), // this function just returns a JSON obj {"id":"myID"}
        type:  'DELETE',
        success : function(data, textStatus, jqXHR) {
            alert( "Fine!" );
        },

        error : function(jqXHR, data, textStatus, errorThrown) {
            alert('WOOPS, something wrent wrong...');
        }
    });
}

Any help will be much appreciated!! Thank you!!

like image 789
charliebrownie Avatar asked Jun 12 '14 20:06

charliebrownie


People also ask

What does Ajax error 403 mean?

The HTTP 403 Forbidden response status code indicates that the server understands the request but refuses to authorize it. This status is similar to 401 , but for the 403 Forbidden status code, re-authenticating makes no difference.

Why does it keep saying 403 Forbidden?

The 403 Forbidden error means that your server is working, but you no longer have permission to view all or some of your site for some reason. The two most likely causes of this error are issues with your WordPress site's file permissions or . htaccess file.


1 Answers

The issue had to do with the CORSFilter set-up, I was setting it wrong in the web.xml file. Here is the part of the CORSFilter, well set inside web.xml:

<filter>
    <filter-name>CorsFilter</filter-name>
    <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
    <init-param>
        <param-name>cors.allowed.origins</param-name>
        <param-value>*</param-value>
    </init-param>
    <init-param>
        <param-name>cors.allowed.methods</param-name>
        <param-value>GET,POST,HEAD,OPTIONS,PUT,DELETE</param-value>
    </init-param>
</filter>
<filter-mapping>
    <filter-name>CorsFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
like image 84
charliebrownie Avatar answered Sep 20 '22 13:09

charliebrownie