Access-Control-Allow_origin error not allowed

Asked

Viewed 754 times

2

I’m trying to access another site of my.php program, but it’s returning the message:

Xmlhttprequest cannot load http://177.55.99.146:8080/Autenticacao/autentica? file=47d75bd903c790f2f48b7dbbcc2896c1e98b7dbbcc2896c1e98b7dbbcc2896c1e98b7dbbcc2896c1e98b7dbbcc28. No 'Access-Control-Allow-Origin' header is present on the requested Resource. Origin 'http://www.yaratecnologia.com.br' is therefore not allowed access.

I changed the HTML code, but still keeps returning the same error. HTML code below:

<!DOCTYPE html>
<html>
<head>
<?php
   header("Access-Control-Allow-Origin: *");
?>
  <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=ISO-8859-1"> 
  <meta name="viewport" content="initial-scale=1.0, user-scalable=no"/>
  <title>Projeto Yara Tecnologia</title>
  <meta charset="UTF-16">

  <style>html {
  font-family: Helvetica, Arial, sans-serif;
  font-size: 100%;
  background: #333;
}

The inclusion of the command <?php header("Access-Control-Allow-Origin: *"); ?> made no difference!!!

There is a correct place to write this command in HTML?

What am I doing wrong?

php cors xmlhttprequest

  • Didn’t make a difference? The way you posted, your code should have given error. This file you posted is actually being processed as a PHP file?

  • In fact, I just posted the initial part of the code, not the whole code, because it’s too big. But it doesn’t give any error message. Only that message "is therefore not allowed access."

  • The headers have to be added in the file http://177.55.99.146:8080/autenticacao/autentica and not in that html of yours and that should be the answer that comes the closest to solving your problem: http://answall.com/a/12393/3635

3 answers

2

Header must be added on the destination page, not the source page.

Let’s say I create a page http://meusitedeorigem.com/teste.php, on this page I have a script that calls by ajax the address http://siteexterno.com/autentica, who needs to have the Access-Control-Allow-Origin: * is the second, it is he who has to say who can access it.

Then it is no use to add the header to your page, if the other site is yours you should add the header to it, if it is not yours there is nothing that can be done, in this case you should request it with PHP and not with javascript.

1

Try adding these headers:

header('HTTP/1.1 200' );
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, WCTrustedToken, userId, WCToken, PersonalizationID, AUTHUSER, Primarynum');
header('Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE, PUT');

  • I made these inclusions but did not change anything. It keeps giving the same error.

  • had to have worked, something’s wrong with your code, headers are being included in the right place? where the call is being made?

  • It is.... my question is: is there any specific place in the HTML where I should include this code? I’m including on the HTML page, where I made the call to the www.yaratecnologia.com.br address...

1

Headers need to be uploaded before any content. Switch to:

<?php
   header("Access-Control-Allow-Origin: *");
?>
<!DOCTYPE html>
<html>
<head>
...

And ensures that the file is being interpreted by PHP correctly.

Browser other questions tagged php cors xmlhttprequest

You are not signed in. Login or sign up in order to post.