add header in ajax for Cross-Origin, not working

Question

When I add header HTTP_X_REQUESTED_WITH in ajax for request to another server then it give erorr as Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://www.xxxxxxxxxxxx.com/checkurl.php?action=xxxxxxx. This can be fixed by moving the resource to the same domain or enabling CORS.

and if I remove this header it working properly.

I have many ajax request so I use this format to add header in all ajax request

 $(document).ajaxSend(function (event, jqxhr, settings) {
     jqxhr.setRequestHeader('HTTP_X_REQUESTED_WITH', 'XMLHttpRequest')
 });

and my ajax is :

 $.ajax({
    url:sitePath+'Xxxxxxxxx/checkurl.php?action=Pages&page='+actionPage,
    type :'POST',
    crossDomain:true,
    success : function(data){
        hideLoadingDiv();
        if(data.getElementsByTagName("message")[0].getElementsByTagName("messageType")[0].childNodes[0].nodeValue=="SUCCESS")
        {
            document.getElementById(divID).innerHTML=data.getElementsByTagName("PageBody")[0].childNodes[0].nodeValue+'<span><a onclick="return checkRegistrationValidation();" href="javascript:void(0);" class="orengeBtn">Back</a></span>';
            displayDiv(divID);
        }
        else if(data.getElementsByTagName("message")[0].getElementsByTagName("messageType")[0].childNodes[0].nodeValue=="ERROR")
        {
            showErrorMessage(data.getElementsByTagName("message")[0].getElementsByTagName("messageText")[0].childNodes[0].nodeValue);
        }
        else
        {
            generalError();
        }
    },
    error:function(xhr,ajaxOptions, thrownError){
        hideLoadingDiv();
        if(xhr.status==200){
            generalError();
        }
        else{
            networkError();
        }
        if(debugMode==1){
            displayAjaxError(xhr,thrownError);
        }
    }
});

and in my server file I use

header("Access-Control-Allow-Origin: *");
header('Access-Control-Allow-Methods: GET, POST');
header('Access-Control-Allow-Headers: X-Requested-With, Content-Type')

but it give error every time when I add header. And after remove working properly. Please help.

What do you want to? If it works, why do you need the header? — VMAtm, Mar 10 '15 at 13:10
possible duplicate of [Cross-Domain AJAX doesn't send X-Requested-With header](http://stackoverflow.com/questions/8163703/cross-domain-ajax-doesnt-send-x-requested-with-header) — VMAtm, Mar 10 '15 at 13:44

score 0 · Answer 1 · edited May 23 '17 at 12:28

You can find answer here:

Cross-Domain AJAX doesn't send X-Requested-With header

You have to either add the headers manually in your ajax:

$.ajax({
    url:sitePath+'Xxxxxxxxx/checkurl.php?action=Pages&page='+actionPage,
    type :'POST',
    crossDomain:true,
    headers: {'X-Requested-With': 'XMLHttpRequest'}

or make the request not crossdomain:

$.ajax({
    url:sitePath+'Xxxxxxxxx/checkurl.php?action=Pages&page='+actionPage,
    type :'POST',
    crossDomain:false,

add header in ajax for Cross-Origin, not working

1 Answers1