Post API is not working (CORS header 'Access-Control-Allow-Origin' missing)

Afaq Ahmad Khan6 years ago

Hi,
I am using POST API with javascript on locaohost it is working fine but when i use on main site it is not working with below code,

           function insertGeoFence()
            {
                var data = JSON.stringify({
                    "id": 0,
                    "attributes": {},
                    "calendarId": "0",
                    "name": "PostMan2",
                    "description": "Postmanapi2",
                    "area": "CIRCLE (25.27807899556211 -85.75653076171876, 7684.3)"
                  });
                  var xhr = new XMLHttpRequest();
                  xhr.withCredentials = true;
                  xhr.addEventListener("readystatechange", function () {
                    if (this.readyState === 4) {
                      console.log(this.responseText);
                    }
                  });
                  xhr.open("POST", "http://tracker.oxlogix.com/api/geofences");
                  xhr.setRequestHeader ("Authorization", "Basic " + btoa("f@crispedge.com" + ":" + "afaq2011"));
                  xhr.setRequestHeader("content-type", "application/json");
                  xhr.setRequestHeader("cache-control", "no-cache");
                  xhr.send(data);
            }

This code is giving me error below :

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://tracker.oxlogix.com/api/geofences. (Reason: CORS header 'Access-Control-Allow-Origin' missing).
Anton Tananaev6 years ago

I guess you haven't configured CORS on your server.

Afaq Ahmad Khan6 years ago

We have this setup <entry key='web.origin'>*</entry>

When we are posting from postman it works but otherwise it is not.

The same setup is at local and its working but not on server.

Anton Tananaev6 years ago

Have you configured CORS for your web app?

Afaq Ahmad Khan6 years ago

Here is my CORS setting

ServerName tracker.oxlogix.com
DirectoryIndex index.php index.html
DocumentRoot "/var/www/html/tracker.oxlogix.com/WebSite"
ErrorLog "/var/www/html/tracker.oxlogix.com/logs/ErrorLog"
TransferLog "/var/www/html/tracker.oxlogix.com/logs/TransferLog"
Header set Access-Control-Allow-Origin "*"
ProxyPass /api/socket ws://localhost:8083/api/socket
ProxyPassReverse /api/socket ws://localhost:8083/api/socket

ProxyPass / http://localhost:8083/
ProxyPassReverse / http://localhost:8083/
Afaq Ahmad Khan6 years ago

header for client 

Server => Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips mod_fcgid/2.3.9 PHP/7.0.30 mod_wsgi/3.4 Python/2.7.5
X-Powered-By => PHP/7.0.30
X-Pingback => http://oxlogix.com/xmlrpc.php
Link => ; rel=shortlink
Access-Control-Allow-Origin => http://tracker.oxlogix.com
Access-Control-Allow-Methods => POST, GET, OPTIONS, PUT, DELETE
Access-Control-Allow-Credentials => true
Location => http://oxlogix.com/wp-admin
Vary => User-Agent
Cache-Control => s-maxage=10
Connection => close
Content-Type => text/html; charset=UTF-8

header for traccar url 

Server => Jetty(9.2.24.v20180105)
X-Mod-Pagespeed => 1.13.35.2-0
Access-Control-Allow-Origin => *
Vary => Accept-Encoding
Cache-Control => max-age=0, no-cache, s-maxage=10
Content-Length => 466
Connection => close
Content-Type => text/html; charset=UTF-8
Afaq Ahmad Khan6 years ago

Will sent list of queries to support then.

Lucas Bastos6 years ago

Have you solved this issue? I have the same problem with CORS.