Error Access-Control-Allow_Origin not allowed [duplicate]

2

I'm trying to access another site from my program.php, but it's returning the message:

XMLHttpRequest can not load In 'Access-Control-Allow-Origin' header is present on the requested resource. Origin ' link ' is therefore not allowed access.

I've changed the HTML code, but it still keeps returning the same error. HTML code below:

<!DOCTYPE html>
<html>
<head>
<?php
   header("Access-Control-Allow-Origin: *");
?>
  <META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=ISO-8859-1"> 
  <meta name="viewport" content="initial-scale=1.0, user-scalable=no"/>
  <title>Projeto Yara Tecnologia</title>
  <meta charset="UTF-16">

  <style>html {
  font-family: Helvetica, Arial, sans-serif;
  font-size: 100%;
  background: #333;
}

Adding the command <?php header("Access-Control-Allow-Origin: *"); ?> made no difference!

Is there a correct place to write this command in HTML?

What am I doing wrong?

    
asked by anonymous 09.06.2015 / 01:11

3 answers

2

Header should be added on the landing page, not the source page.

Let's say I create a page http://meusitedeorigem.com/teste.php , on this page I have a script that calls ajax the address http://siteexterno.com/autentica , who needs to have the Header of Access-Control-Allow-Origin: * is the second one, it is he who has to say who can access it.

So it's no use adding the header to your page, if the other site is yours you should add the header in it, if it is not yours there is nothing that can be done, in this case you must make the request for it with PHP and not with javascript.

    
25.02.2016 / 12:42
1

Try to add these headers:

header('HTTP/1.1 200' );
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, WCTrustedToken, userId, WCToken, PersonalizationID, AUTHUSER, Primarynum');
header('Access-Control-Allow-Methods: GET, POST, OPTIONS, DELETE, PUT');
    
10.06.2015 / 01:22
1

Headers need to be submitted before any content. Change to:

<?php
   header("Access-Control-Allow-Origin: *");
?>
<!DOCTYPE html>
<html>
<head>
...

And ensures that the file is being interpreted correctly by PHP.

    
25.02.2016 / 04:27