3

I am done developing my first hybrid app. It runs smoothly in localhost. But when I tried to make it live, I got this error.

XMLHttpRequest cannot load https://www.example.com/app/login.php. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access. The response had HTTP status code 500.

Why is this happening?

Here is my sample set up on my ajax request:

$.ajax({
           type: "POST",
           url: "https://www.example.com/app/login.php",
           crossDomain: true,
           dataType: 'json',
           data: $.trim(frm.serialize()),
           timeout: 10000,
           beforeSend: function() {                  
              $('#loader').css({
                display: "block"
               });
  }

Then on my php server code:

<?php
header('Access-Control-Allow-Origin: *');
header('Content-Type: application/json');
header('HTTP/1.1 200 OK');
{
//more code here..

echo json_encode($result_array);
}

So as you can see I already added a header Access-Control-Allow-Origin: * but it seems doesn't work. What do I need to know to make this error gone? Or what should the possible problem of it?

Update: In firefox this is the console log error:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://www.example/app/login.php. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing)

Any help? I'm using intel xdk in building my app.

c.k
  • 1,075
  • 1
  • 18
  • 35

2 Answers2

1

I don't think your problem has anything to do with access-control

From your error:

The response had HTTP status code 500

Suggests that your application crashed. As a result, the Access-Control-Allow-Origin header was never properly set. When access-control is the problem, the browser (Firefox anyway) shows status code 401 Unauthorized, not 500 server error

Look in your error logs for the cause of the crash. Also try disabling .htaccess and see if the error persists because broken rules/config are a common cause of crashes

BeetleJuice
  • 39,516
  • 19
  • 105
  • 165
  • I am using google chrome. I tried using firefox and this was the error: [HTTP/1.1 500 Internal Server Error 2170ms] – c.k Aug 09 '16 at 04:30
  • Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://www.example.com/app/login.php. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). – c.k Aug 09 '16 at 04:31
  • that agrees with my answer. When CORS is the problem, Firefox returns code `401`. Because you get code `500` I think the root problem is elsewhere; you experienced a crash before your CORS header could be set. So the browser tells you it never received the header. – BeetleJuice Aug 09 '16 at 04:34
  • I just wondering why it runs smoothly on my localhost without any error.. :/ – c.k Aug 09 '16 at 04:39
  • There's probably a difference in the server setup. You may just be missing some PHP extensions. – Robin Neal Aug 19 '16 at 08:19
0

The ajax send error as 500 Internal Server Error because there is something wrong with the server side (php code) in which the function used is for higher PHP version. My host php version is lower that I am using on local machine. Trying to rewrite the code and test first its respond data online fixed my issue. There's nothing wrong with the ajax request code.

c.k
  • 1,075
  • 1
  • 18
  • 35
  • I'm glad you worked it out: With all due respect c.k, I told you that it wasn't about CORS, that it was a server-side script error 10 days ago and asked you to look at your error log for details but you kept raising doubts about my answer. If an answer is useful, you should upvote it – BeetleJuice Aug 19 '16 at 08:26
  • No problem @BeetleJuice. Thank you for help. – c.k Aug 19 '16 at 08:30
  • ** – BeetleJuice Aug 19 '16 at 08:33