Post API is not working (CORS header 'Access-Control-Allow-Origin' missing)

Afaq Ahmad Khan 8 years ago

Hi,
I am using POST API with javascript on locaohost it is working fine but when i use on main site it is not working with below code,

           function insertGeoFence()
            {
                var data = JSON.stringify({
                    "id": 0,
                    "attributes": {},
                    "calendarId": "0",
                    "name": "PostMan2",
                    "description": "Postmanapi2",
                    "area": "CIRCLE (25.27807899556211 -85.75653076171876, 7684.3)"
                  });
                  var xhr = new XMLHttpRequest();
                  xhr.withCredentials = true;
                  xhr.addEventListener("readystatechange", function () {
                    if (this.readyState === 4) {
                      console.log(this.responseText);
                    }
                  });
                  xhr.open("POST", "http://tracker.oxlogix.com/api/geofences");
                  xhr.setRequestHeader ("Authorization", "Basic " + btoa("f@crispedge.com" + ":" + "afaq2011"));
                  xhr.setRequestHeader("content-type", "application/json");
                  xhr.setRequestHeader("cache-control", "no-cache");
                  xhr.send(data);
            }

This code is giving me error below :

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://tracker.oxlogix.com/api/geofences. (Reason: CORS header 'Access-Control-Allow-Origin' missing).

Anton Tananaev 8 years ago

I guess you haven't configured CORS on your server.

Afaq Ahmad Khan 8 years ago

We have this setup <entry key='web.origin'>*</entry>

When we are posting from postman it works but otherwise it is not.

The same setup is at local and its working but not on server.

Anton Tananaev 8 years ago

Have you configured CORS for your web app?

Afaq Ahmad Khan 8 years ago

Here is my CORS setting

ServerName tracker.oxlogix.com
DirectoryIndex index.php index.html
DocumentRoot "/var/www/html/tracker.oxlogix.com/WebSite"
ErrorLog "/var/www/html/tracker.oxlogix.com/logs/ErrorLog"
TransferLog "/var/www/html/tracker.oxlogix.com/logs/TransferLog"
Header set Access-Control-Allow-Origin "*"
ProxyPass /api/socket ws://localhost:8083/api/socket
ProxyPassReverse /api/socket ws://localhost:8083/api/socket

ProxyPass / http://localhost:8083/
ProxyPassReverse / http://localhost:8083/

Afaq Ahmad Khan 8 years ago

header for client

Server => Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.0.30 mod_wsgi/3.4 Python/2.7.5
X-Powered-By => PHP/7.0.30
X-Pingback => http://oxlogix.com/xmlrpc.php
Link => ; rel=shortlink
Access-Control-Allow-Origin => http://tracker.oxlogix.com
Access-Control-Allow-Methods => POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Credentials => true
Location => http://oxlogix.com/wp-admin
Vary => User-Agent
Cache-Control => s-maxage=10
Connection => close
Content-Type => text/html; charset=UTF-8

header for traccar url

Server => Jetty(9.2.24.v20180105)
X-Mod-Pagespeed => 1.13.35.2-0
Access-Control-Allow-Origin => *
Vary => Accept-Encoding
Cache-Control => max-age=0, no-cache, s-maxage=10
Content-Length => 466
Connection => close
Content-Type => text/html; charset=UTF-8

Afaq Ahmad Khan 8 years ago

Will sent list of queries to support then.

Lucas Bastos 7 years ago

Have you solved this issue? I have the same problem with CORS.