无法使用jQuery发出CORS请求

Question

I'm following this example:

http://www.html5rocks.com/en/tutorials/cors/#toc-cors-from-jquery

Here is my code:

<html>
<head>
    <script type="text/javascript" src="http://code.jquery.com/jquery-latest.min.js"></script>
</head>
<body>
    <script>
    $(document).ready(function(){

        $.getJSON("http://172.28.101.197:3000/tests.json",function(config){

            var create_config_url = "https://act.domain.com/act2/act/createConfigfile?accountid=" + config.accountId + "&configfilename=" + config.name

            alert ("here goes nothing!");
            $.ajax({


                // The 'type' property sets the HTTP method.
                // A value of 'PUT' or 'DELETE' will trigger a preflight request.
                type: 'GET',

                // The URL to make the request to.
                url: create_config_url,

                // The 'contentType' property sets the 'Content-Type' header.
                // The JQuery default for this property is
                // 'application/x-www-form-urlencoded; charset=UTF-8', which does not trigger
                // a preflight. If you set this value to anything other than
                // application/x-www-form-urlencoded, multipart/form-data, or text/plain,
                // you will trigger a preflight request.
                contentType: 'text/plain',

                xhrFields: {
                // The 'xhrFields' property sets additional fields on the XMLHttpRequest.
                // This can be used to set the 'withCredentials' property.
                // Set the value to 'true' if you'd like to pass cookies to the server.
                // If this is enabled, your server must respond with the header
                // 'Access-Control-Allow-Credentials: true'.
                    withCredentials: false
                },

                headers: {
                // Set any custom headers here.
                // If you set any non-simple headers, your server must include these
                // headers in the 'Access-Control-Allow-Headers' response header.
                },

                success: function() {
                    alert( "I think I created a config" );
                // Here's where you handle a successful response.
                },

                error: function() {

                    alert ("That's an error!");
                // Here's where you handle an error response.
                // Note that if the error was due to a CORS issue,
                // this function will still fire, but there won't be any additional
                // information about the error.
                }
                //$.get(create_config_url,function(result){

            });

        });
});</script>
</body>
</html>    

I'm getting the following error:

XMLHttpRequest cannot load https://act.domain.com/act2/act/createConfigfile?accountid=AANA-EJ8SB&configfilename=rabdelaz.netstorage-pm.com. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access.

Answer 1

Try adding: crossDomain: true

You can also try: contentType: "jsonp"

Answer 2

From the looks of it, it looks like that the server you are trying to communicate with doesn't have CORS enabled.If it has then your domain from where your sending the GET request is not in the server allowed domain white list. I don't see any issues with ajax.If you want to know more about CORS I recently have written a detailed post on CORS here . Hope that helps

Answer 3

I don't really know what is the back-end language you are using, but you need to use jsonp to make it more secure and cross-domain: true.
Access-Control-Allow-Origin: * in this case asterisk could be an allowed host
Access-Control-Allow-Methods: POST, GET, OPTIONS be sure your method is in the list.