Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

changing the Access-Control-Allow-Origin to allow Jquery load() to work

Tags:

jquery

ajax

cors

SITUATION:

  • Internal web site running off a web server.
  • SharePoint running off a different internal web server.
  • It's all internal, and all on the same company.com internal domain (different sub domains because they are accessed via SharePoint.company.com and internalWeb.company.com)

PROBLEM:

  • XMLHttpRequest cannot load http://SharePoint.company.com. Origin http://internalWeb.company.com is not allowed by Access-Control-Allow-Origin.

WHAT I WANT:

  • Use ajax and the JQuery load() function from my web sites running off the web server to call urls on the SharePoint server.

NOTE:

  • This seems like it should be possible to set the SharePoint server to allow cross origin requests by just setting the Access-Control-Allow-Origin, it's ALL INTERNAL and I can change the web.configs or IIS settings as I please
  • Is this possible? If so, where do I set it. I have read a lot on this and can't seem to get a clear answer.

CODE: (on my web page running on internalWeb.company.com)

$("#details").load("SharePoint.company.com/someDetails.html");

Thanks!

like image 968
kralco626 Avatar asked Aug 09 '13 14:08

kralco626

People also ask

Why origin is not allowed by Access-Control allow origin?

This error occurs when a script on your website/web app attempts to make a request to a resource that isn't configured to accept requests coming from code that doesn't come from the same (sub)domain, thus violating the Same-Origin policy.

How do you resolve cross-origin issues in Ajax?

Re: CORS issue after ajax post requestYour server needs to not only allow POSTs from the origin using Access-Control-Allow-Origin (origin = your Marketo LP domain including protocol, like https://pages.example.com), it also needs to allow the Content-Type header using Access-Control-Allow-Headers.

How do I fix CORS header Access-Control allow Origin missing?

If the server is under your control, add the origin of the requesting site to the set of domains permitted access by adding it to the Access-Control-Allow-Origin header's value. You can also configure a site to allow any site to access it by using the * wildcard. You should only use this for public APIs.

1 Answers

A quick fix could be to set a custom header in your SharePoint web.config:

http://www.iis.net/configreference/system.webserver/httpprotocol/customheaders

<customHeaders>
    <add name="Access-Control-Allow-Origin" value="*" />
</customHeaders>

Or for just that domain, try 

<customHeaders>
    <add name="Access-Control-Allow-Origin" value="http://internalWeb.company.com" />
</customHeaders>
like image 70
Jason P Avatar answered Oct 30 '22 04:10

Jason P
Sign in to Comment

Related questions

jQuery.ajax how to use contents property
jQuery loop on multiple input.files
If I overwrite html, is it removed from the dom?
jQuery, why the rewind playbackRate doesn't work?
jQuery using "subquery"
How to hide overflow on select2?
Using Access-Control-Allow-Origin with MVC
jQuery mousewheel stop propagation
Force html4 fallback in history.js
Focus Which not triggered by click
Wrapping text around an absolute positioned element
How to find monthview or week view or day view in full calendar
Nested <ol> - display full path of structured list?
Expanding / Collapsing divs
How to add error handling in Jquery Ajax Form submission
Tips to save up our page load time [duplicate]
A WYSIWYG editor for only bold italic and list [closed]
How to create jQuery Element Methods with NameSpace
Jquery datepicker beforeShowDay after initializing
Fuelux wizard validation input

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!