Response to preflight request does not pass access control check

0

When I try to give a GET on a link here on my server that is not in host location this message happens:

  

XMLHttpRequest can not load    link . Response to preflight request does not pass access control check: No   'Access-Control-Allow-Origin' header is present on the requested   resource. Origin ' link ' is therefore not allowed access.   The response had HTTP status code 500.

Request Code:

var settings = {
  "async": true,
  "crossDomain": true,
  "url": "http://192.168.25.66:8089/datasnap/rest/TServerConnMonitorMethods/Get_DataHora",
  "method": "GET",
  "headers": {
    "cache-control": "no-cache",
    "postman-token": "266b68dc-31a5-bf40-69f4-2fa3be60cd9c"
  }
}

$.ajax(settings).done(function (response) {
  console.log(response);
});
    
asked by anonymous 02.05.2016 / 15:06

1 answer

4

Web browsers have a security restriction called Same Origin Policy . It makes certain requests, such as those made via Ajax, only allowed within the same domain.

The recommended solution is to use CORS Cross-Origin Resource Sharing ).

On the server add the Access-Control-Allow-Origin heading, indicating which other domains (sources) are allowed to access that service.

Example:

Access-Control-Allow-Origin: http://www.seusite.com
    
02.05.2016 / 16:20