7

I explicitly specify a POST and I don't see the post data in the Request and more over specifies it has a OPTIONS.

The response should be a HTML specifying matching users to Query in table format. I am trying to post and read the html to create a auto-complete input box.

This the Jquery Code:

$.post('https://internal.company.com/data/displayUserList', { Email: "", Name: "%GEORGE%"}, function(responseText, textStatus) { console.log("Response:\n" + responseText + textStatus) } );

Request captured by FireBug1.6.1 (Firefox)

OPTIONS /data/displayUserList HTTP/1.1 Host: internal.company.com User-Agent: Mozilla/5.0 Firefox/3.6.8 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-us,en;q=0.5 Accept-Encoding: gzip,deflate Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Keep-Alive: 115 Connection: keep-alive Origin: null Access-Control-Request-Method: POST
Improve this question
1

2 Answers 2

Reset to default
10

This could happen if you violate the same origin policy restriction. The Access-Control-Request-Method request header makes me think this is the case. I see that you specify a full address https://internal.company.com/data/displayUserList in your post request. Make sure that the page hosting this script is originating from https://internal.company.com as well. The best would be to use a relative address:

$.post('/data/displayUserList', { Email: "", Name: "%GEORGE%" }, function(responseText, textStatus) { console.log("Response:\n" + responseText + textStatus); } );
Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Yes. I am trying to post the URL in another webpage, but there top domain is same "company.com", I will check if "document.domain" is same. Also I noticed there are few cookie information sent when "internal.company.com/data/displayUserList" is triggered from the browser. Is there a way I could capture them and send it with this request?
Is the protocol the same? Note that HTTP vs HTTPS violates the same origin policy. As far as cookies are concerned, they will be automatically sent along the AJAX request if those cookies have been set with a domain property equal to the top domain so that they can be shared between those domains.
Yes, protocol is HTTPS. I noticed cookies are not picked up apart from OPTIONS issue. Should I change anything in the call?
@hashg, domains must match: https://internal.company.com and https://company.com are not the same and violate the policy. Please look at the wikipedia article I've linked to in my answer and make sure that the domain and subdomain match exactly. Otherwise your AJAX call will always fail.
0

if you are trying to call a different server in another domain then the strategy to overcome this should reside in the backend to make the server to allow calls from a different front-end domain and in that case you shouldn't break your head trying to adjust this in the front end.

Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.