1

I'm trying to add a parameter in the request header and it works fine for same-domain calls, but if I call a different domain (the API) I need to change the header param itself.

This is the code I've tried to add a parameter.

jqXHR.setRequestHeader( "Authorization", 'bearer t-7614f875-8423-4f20-a674-d7cf3096290e' );

Should be like this

Authorization: bearer t-3e57cc74-3e7a-4fc7-9bbb-f6c83252db01 User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.97 Safari/537.11 Accept: */* Accept-Encoding: gzip,deflate,sdch Accept-Language: en-US,en;q=0.8 Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3

But for cross-domain calls it becomes like this:

Accept text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Encoding gzip, deflate Accept-Language en-US,en;q=0.5 Access-Control-Request-Headers authorization Access-Control-Request-Method GET

Can anyone give me any idea how to fix this for cross-domain calls?

Improve this question
2
  • this has been asked many many times Commented Dec 23, 2012 at 14:33
  • sorry for creating it again, but I couldn't find any helpful solution and I'm stuck over it Commented Dec 23, 2012 at 14:45

1 Answer 1

Reset to default
2

You need to implement the "preflighting" part of CORS since you use custom headers. There is a good documentation on it on MDN.

You basically need to handle a HTTP OPTIONS request and respond with the proper headers indicating the client that the request is allowed. If you simply want to allow all GET requests with the Authorization header the following response headers would do the job:

Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET Access-Control-Allow-Headers: authorization
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

Thanks for replying, I'm using jquery library for request, can I use that or I've have to use a custom function for requesting
It is not a JS thing. Using jQuery is perfectly fine. You just need to do what I mentioned on the server side.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.