Error sending ajax request

1

I'm doing a registration via ajax, and I'm getting the following error: Request header field X-Requested-With Access-Control-Allow-Headers in preflight response.

Do not register, follow my codes:

var dataString = $(this).serialize();
                $.ajax({
                    url: "<?= BASE; ?>/modulos/index.php",
                    type: 'POST',
                    cache: false,
                    crossDomain: true,
                    dataType: 'jsonp',
                    data: 'action=enviar_ordens&' + dataString,
                    beforeSend: function (data) {
                        $('.msg_error').html('<div class="alert alert-info">Aguarde estamos enviando seu pedido...</div>');
                        $("#btn_order").attr('disabled', true);
                        $('#btn_order').text("AGUARDE UM MOMENTO...").attr({
                            title: "Aguarde... Enviando pedido!"
                        });
                    },
                    success: function (data) {
                        if (data.code == 'success') {
                            $('.msg_error').html('<div class="alert alert-' + data.code + '">' + data.msg + '</div>');
                            $("#btn_order").attr('disabled', false);
                            $('#btn_order').text("Enviar Pedido").attr({
                                title: "Enviar Pedido"
                            });
                        } else {
                            $('.msg_error').html('<div class="alert alert-' + data.code + '">' + data.msg + '</div>');
                            $("#btn_order").attr('disabled', false);
                            $('#btn_order').text("Enviar Pedido").attr({
                                title: "Enviar Pedido"
                            });
                        }

                    },
                    error: function (data) {
                        console.log(data);
                    }
                });

In my PHP I put this:

header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS');
header('Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token');

I wonder if there is a simple workaround to fix and how do I do it?

Att,

Alisson

    
asked by anonymous 14.05.2018 / 15:13

1 answer

0

In PHP: /modulos/index.php should change from:

header('Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token');

To:

header('Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token, X-Requested-With');

Because X-Requested-With is a header generated by jQuery Ajax, and as you are probably accessing from different domains this header will need to be informed.

Additional not directly related to problem solving with CORS

Note that you might not even need to pass the Access-Control-* headers because I believe your Ajax and PHP are on the same host, but you may have set the BASE in the wrong way, so if your BASE :

 http://site.com

But you're trying to access the site via

 http://www.site.com

It will already fail, needing to configure the Access-Control-*

If the problem is this, as www. and without, then it would be more interesting to set BASE to www. and prevent users from accessing without www. , using .htaccess for this, for example:
RewriteEngine On

# Adiciona www. no prefixo do domínio
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule ^ https://www.%{HTTP_HOST}%{REQUEST_URI} [R=301,L]
    
14.05.2018 / 15:16