-1

I'm trying to upload a file (which can be quite large) from the website of one server to the backend of another server using plupload. Lets say:

domain 1 = http://www.websitedomain.com/uploadform
domain 2 = http://www.backenddomain.com/uploadhandler

Trying to upload i send the following:

OPTIONS /main/uploadnetwork.php HTTP/1.1
Host: backenddomain.com
Connection: keep-alive
Access-Control-Request-Method: POST
Origin: http://www.websitedomain.com
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.79 Safari/537.4
Access-Control-Request-Headers: origin, content-type
Accept: */*
Referer: http://www.websitedomain.com/uploadform
Accept-Encoding: gzip,deflate,sdch
Accept-Language: nl-NL,nl;q=0.8,en-US;q=0.6,en;q=0.4
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.3
DNT: 1

But when I try to start the upload the server returns the following: 

HTTP/1.1 405 Method Not Allowed
Allow: GET, HEAD, OPTIONS, TRACE
Content-Type: text/html
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
X-Powered-By-Plesk: PleskWin
Date: Mon, 01 Oct 2012 12:41:57 GMT
Content-Length: 999

After doing some research I found out that a browser does this to check if the server will accept the intended message. It looks like my server doesn't feel like accepting a simple POST call even tho i use post all the time.

The Google Chrome console gives the following error:

XMLHttpRequest cannot load http://www.backenddomain.com/uploadhandler. Origin http://www.websitedomain.com is not allowed by Access-Control-Allow-Origin.

Does anyone know how to stop the browser from checking or how i can tell my server to just accept the POST?

jbl
  • 15,179
  • 3
  • 34
  • 101
Manuel
  • 10,153
  • 5
  • 41
  • 60

1 Answers1

1

You seem to face a Same origin policy problem

Adding a special header should help on some browsers : http://en.wikipedia.org/wiki/Cross-origin_resource_sharing

Answers to this question might also be helpfull : Cross-domain data access in JavaScript

You should also check the cross-domain tag : https://stackoverflow.com/questions/tagged/cross-domain

Community
  • 1
  • 1
jbl
  • 15,179
  • 3
  • 34
  • 101
  • re: "Adding a special header should help on some browsers", actually CORS works on all browsers that support the HTML5 plupload plugin, and this even includes IE10. Call it a coincidence if you like, but seems no vendor implemented just upload support without also adding CORS. – gonchuki Oct 03 '12 at 20:02
  • I found the solution te be quite easy. The receiving server doesn't know the sender and doesn't accept. Adding the `Access-Control-Allow-Origin` header fixed the problem! – Manuel Oct 15 '12 at 10:30