Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

$.get - Origin not allowed

Today I've encountered a very strange error while trying to get the contents of a PHP file on my server with $.get.

It happens only in Safari and Chrome on Mac OS X (Snow Leopard), on Windows it does work in all browsers properly.

The function is like:

function _fc() {
   $.get("_x_fc.php", { xaction: 'login', xv1: $('#login').attr("value"), xv2: $('#pass').attr("value") }, function (data) {

      if (data=='0') { letItGo=true; $('#loginform').submit(); }
      else ...//Do some other checks
   });
}
  • It's NOT a local server, it's a web server with an existing domain
  • I'm NOT trying to perform any cross-domain ajax. Both files are in the same directory.

I can't find any solution for that.

Exact error:

XMLHttpRequest cannot load 
http://www.asking1.com/_x_fc.php?xaction=login&xv1=something&xv2=something.
Origin http://asking1.com is not allowed by Access-Control-Allow-Origin.
like image 595
Liglo App Avatar asked Oct 08 '22 02:10

Liglo App


1 Answers

www is technically a sub-domain. So you are in violation of the same-origin policy. You could resolve this by setting

function _fc() {
   document.domain = "www.asking1.com";
   $.get("_x_fc.php", { xaction: 'login', xv1: $('#login').attr("value"), xv2: $('#pass').attr("value") }, function (data) {

      if (data=='0') { letItGo=true; $('#loginform').submit(); }
      else ...//Do some other checks
   });
}

or you could fully qualify your URL that you are passing as a part of your AJAX request to ensure that it is the same.

like image 102
marteljn Avatar answered Oct 13 '22 12:10

marteljn