0

I am making an ajax call to check username availability. The url to call is hardcoded in the js file. e.g http://abc.com/users/check_availability.

Now when i make the ajax call from http://abc.com it works fine, however if i make the call from http://www.abc.com, it gives a cross domain error.

XMLHttpRequest cannot load http://abc.com/users/check_availability?username=sd. Origin http://www.abc.com is not allowed by Access-Control-Allow-Origin.

How do i resolve this ? Is jsonp the only way ?

Improve this question
1
  • Redirect any requests for pages on www.abc.com to abc.com. You can do this with mod_rewrite if you're using Apache. Commented Jun 21, 2013 at 7:40

1 Answer 1

Reset to default
1

Have you tried setting alternate HTTP header values when your service returns data: 

Access-Control-Allow-Origin:*

Access-Control-Allow-Headers:"Content-Type, X-Requested-With, X-Auth-Token"

This worked for us when trying to make REST calls to services under different sub-domains.

You don't have to make Access-Control-Allow-Origin: * you can probably be more restrictive. But we tried this just to check if it will work.

Just to clarify - we still use json and not jsonp

Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Thanks Sharath, we added header("Access-Control-Allow-Origin: http:// www . abc.com") in abc.com/users/check_availability and it started working.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.