-1

It was working perfectly but for some time i have stopped working on this project. I am sending a delete request to my server and it gives me this Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://abc.dev/users/users/18. (Reason: CORS preflight channel did not succeed).(unknown)

The API is written in Yii framework. I am using CORS extension for firefox , my GET, POST method working perfectly fine but my DELETE method seems like stuck.

My controller 

$scope.delete = function (id)
    {
        if (confirm("Are you sure you want to delete the user") === true) {
            $http({
                method: 'DELETE',
                url: 'http://abc.dev/users/users/' + id,
                headers: {'Content-Type': 'application/x-www-form-urlencoded'}

            })
                    .success(function (data) {
                        $scope.singleuser = data;
                        console.log("function single user is processed");
                        $scope.user(); //call the function to reload
                    })
                    .error(function (data) {
                        console.log('error');
                    });


        }

My backend APi delete function

 public function actionDelete() {
    switch ($_GET['model']) {
        // Load the respective model
        case 'users':
            $model = User::model()->findByPk($_GET['id']);
            break;
        default:
            $this->_sendResponse(501, sprintf('Error: Mode <b>delete</b> is not implemented for model <b>%s</b>', $_GET['model']));
            Yii::app()->end();
    }
    // Was a model found? If not, raise an error
    if ($model === null)
        $this->_sendResponse(400, sprintf("Error: Didn't find any model <b>%s</b> with ID <b>%s</b>.", $_GET['model'], $_GET['id']));

    // Delete the model
    $num = $model->delete();
    if ($num > 0)
        $this->_sendResponse(200, $num);    //this is the only way to work with backbone
    else
        $this->_sendResponse(500, sprintf("Error: Couldn't delete model <b>%s</b> with ID <b>%s</b>.", $_GET['model'], $_GET['id']));
}

}

I am attaching an image of my network too. enter image description here

aynber
  • 22,380
  • 8
  • 50
  • 63
Usman Iqbal
  • 2,379
  • 5
  • 26
  • 50

3 Answers3

1

You are doing a Cross-Origin Request most browser send an OPTION request before the actual request to check Access-Control-Allow-Origin. If the current domain is allow then the request is performed.

JEY
  • 6,973
  • 1
  • 36
  • 51
0

This is a Server side issue. For security and to save on server load, web servers do not allow Cross origin requests by default.

Since you are working from localhost it is not allowing. It should work just fine from the live website. However if you want to allow Cross origin, you'll have to make changes in the NGINX/Apache .conf file on the server depending on what you are using.

eg: For Nginx you need to add few headers to the request

        add_header 'Access-Control-Allow-Origin' "$http_origin";
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
        add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With';
Rishabh
  • 1,205
  • 1
  • 11
  • 20
0

It was a server side issue This document solved my problem https://gist.github.com/sourcec0de/4237402 .

Usman Iqbal
  • 2,379
  • 5
  • 26
  • 50