Why is the request not being sent to a third party server even though the header for CORS is configured?

Z

Zorgios2022-01-21 16:59:13

PHP

Zorgios, 2022-01-21 16:59:13

I'm trying to send a GET request from a site https://test.com to https://test2.com

$.get("https://test2.com/test.php", 
{ 
  firstParametr: '123', 
})	
.done(function(data) {
  alert("Data Loaded: " + data);
});

In order to avoid problems with CORs, at the beginning of test.php I added the assignment of a header to requests:

<?
header("Access-Control-Allow-Origin: https://test.com");

Having sent a test request using THIS extension, I checked the headers that are returned:

server: nginx/1.20.1
date: Fri, 21 Jan 2022 13:41:59 GMT
content-type: text/html; charset=UTF-8
content-length: 39
connection: keep-alive
access-control-allow-origin: https://test.com

But, on https://test.com , an attempt to access https://test2.com/test.php ends up with the corresponding error:

Access to XMLHttpRequest at 'https://test2.com/test.php' from origin 'https://test.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

Z

Zorgios, 2022-01-21
@Zorgios

Adding the following lines to .htaccess helped

Header add Access-Control-Allow-Origin "https://test.com"
Header add Access-Control-Allow-Headers "origin, x-requested-with, content-type"
Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"