#1
  1. A Change of Season
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Mar 2004
    Location
    Next Door
    Posts
    3,545
    Rep Power
    221

    Ajax request works fine but reponse gets "No 'Access-Control-Allow-Origin' header"


    Edit: Cant change the headline. it should be Cross-Origin Request Blocked, in Firefox. On Chrome it's good.

    ===================

    Hi;

    I use ajax to update db.

    It sends the form data and updates the DB well, however, the response doesn't work. Inspector says:

    Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://webmoosh.com/plc_template_update. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing).
    It's open you can see it live ===> here <===

    What am I doing wrong?

    Thanks

    Code:
    function submit_form(form_id, form_box)
        {
            $("#"+form_id).submit(function(e) 
                {
                    var url = '<?php echo base_url('plc_template_update');?>'; 
                    $.ajax({
                       type: "POST",
                       url: url,
                       data: $("#"+form_id).serialize() + '&item_type=' + '<?php echo $item_type;?>' + '&item_id=' + '<?php echo $item_id;?>',
                       success: function(data)
                       {
                          $("#"+form_box).addClass('hide-me');
                          $("#success").removeClass('hide-me');
                          window.setTimeout(function(){
                            $("#success").addClass('hide-me');
                        }, 1000);
                       }
                     });
                e.preventDefault(); 
            });
        }
    PHP Code:
    class Plc_template_update extends CI_Controller {

        public function 
    index()
            {
                if(!isset(
    $_POST['item_id']) || !ctype_digit($_POST['item_id']))
                    {
                        exit();
                    }
                if(
    $_POST['item_type']=='plc')
                    {
                        
    //Uncomment when tests are over
                        // if(!$this->plc_library->is_this_plc_owner($_POST['item_id']))
                        //     {
                        //         exit();
                        //     }
                    
    }        
                
    $data = array();
                foreach(
    $_POST as $val=>$row)
                    {
                        if(
    $val!='item_id' && $val!='item_type' )
                            {
                                
    $data[$val]=$row;
                            }    
                    }
                
    $this->db->where('id'$_POST['id']);
                
    $this->db->update('launch_page_elements'$data);
                            
    http_response_code(200);
            }

    Last edited by English Breakfast Tea; May 30th, 2018 at 02:34 AM.
  2. #2
  3. Wiser? Not exactly.
    Devshed God 2nd Plane (6000 - 6499 posts)

    Join Date
    May 2001
    Location
    Bonita Springs, FL
    Posts
    6,270
    Rep Power
    4193
    It's because you load your page as http:// but your JS is posting to https://, that makes them different origins and prevents the AJAX request. Chrome has the same problem. If it was working for you, then you loaded the original page as https:// in chrome as well instead of http:// like you did in firefox.
    Recycle your old CD's



    If I helped you out, show some love with some reputation, or tip with Bitcoins to 1N645HfYf63UbcvxajLKiSKpYHAq2Zxud
  4. #3
  5. A Change of Season
    Devshed Expert (3500 - 3999 posts)

    Join Date
    Mar 2004
    Location
    Next Door
    Posts
    3,545
    Rep Power
    221
    Thanks, not sure how you find these so fast that's great.

    Would it be a good idea to force users to https?
  6. #4
  7. Wiser? Not exactly.
    Devshed God 2nd Plane (6000 - 6499 posts)

    Join Date
    May 2001
    Location
    Bonita Springs, FL
    Posts
    6,270
    Rep Power
    4193
    Originally Posted by English Breakfast Tea
    Would it be a good idea to force users to https?
    Generally speaking, yes. If you have a https version of something, you should push users to that.
    Recycle your old CD's



    If I helped you out, show some love with some reputation, or tip with Bitcoins to 1N645HfYf63UbcvxajLKiSKpYHAq2Zxud

IMN logo majestic logo threadwatch logo seochat tools logo