vendredi 2 mars 2018

Cors Ajax request works on subdomain but not on main domain

I have coded a API with laravel on a subdomain called backend.example.com. If I try to get informations from my API from another subdomain called partner.example.com I have no problems to verfiy myself and get those informations. This is the Ajax request:

But if I am trying to do exactly the same with the main domain called example.com I get this error:

Failed to load https://backend.example.com/api/v1/leads/showAdmin: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://example.com' is therefore not allowed access.

This is the Ajax for the main domain:

    var ajaxArray = {
        "fromDate": from,
        "toDate": to
        };

    console.log(ajaxArray);

    jQuery.ajax({
        url: ("https://backend.example.com/api/v1/leads/showAdmin"), 
        type: "POST",
        data: ajaxArray,
        crossDomain: true,
        headers : {
        "Authorization": "Basic " + btoa("api@example.com" + ":" + "123456"), 
        "Accept": "application/json"
        },
        error: function() { alert("Error"); },
        success: function(result){
            alert("Working");
        });
    }});

And this is my Ajax request from the subdomain which is wokring:

    var ajaxArray = {
        "fromDate": from,
        "toDate": to,
        "table": "no",
        "userID": 20
    };

console.log(ajaxArray);

jQuery.ajax({
    url: ("https://backend.example.com/api/v1/leads/show"), 
    type: "POST",
    data: ajaxArray,
    crossDomain: true,
    headers : {
    "Authorization": "Basic " + btoa("api@example.com" + ":" + "123456"), 
    "Accept": "application/json"
    },
    error: function() { alert("No"); },
    success: function(result){
        alert("Working");
    });
}});

But I don't get it, because I have allowed all .... See here:

<?php

return [

    /*
    |--------------------------------------------------------------------------
    | Laravel CORS
    |--------------------------------------------------------------------------
    |
    | allowedOrigins, allowedHeaders and allowedMethods can be set to array('*')
    | to accept any value.
    |
    */

    'supportsCredentials' => false,
    'allowedOrigins' => ['*'],
    'allowedOriginsPatterns' => [],
    'allowedHeaders' => ['*'],
    'allowedMethods' => ['*'],
    'exposedHeaders' => [],
    'maxAge' => 0,

];

Would appreciate any kind of help! Kind regards



via Chebli Mohamed
Publié par à
Libellés :

Aucun commentaire:

Enregistrer un commentaire

Inscription à : Publier les commentaires (Atom)