Cross-Origin Request Blocked on

by

Look at Same Origin Policy. Regarding

This can be fixed by moving the resource to the same domain or
enabling CORS

and the fact you are using WordPress, you can create a proxy very easy like this :

proxy.php :

<?
header('Content-type: application/json');
$url=$_GET['url'];
$json=file_get_contents($url);
echo $json;
?>

Then you want to call a resource outside the domain, as with AJAX, use proxy.php to fake that you are trying access the resource from the same domain. Like :

var url= "my-external-resource.com?param=value";
url="proxy.php?url="+url:
$.ajax({
    url: url,
    dataType: 'json',
    success:  function (data) {
        ...
    }
});

Here the result is expected to be JSON, but just change header / datatype to HTML, XML or whatever if needed.

Update : @Jason raises an interesting point about security. I totally agree. Under normal circumstances one could prevent remote access to files by .htaccess and a <Files> directive :

<Files proxy.php>
    Order Deny,Allow
    Deny from All
    Allow from 127.0.0.1
</Files>

…but this is not satisfactory, since it will prevent using proxy.php in AJAX calls as well. A solution is to check if proxy.php is called by another script :

if (!isset($_SERVER['HTTP_X_REQUESTED_WITH'])) {
    header('HTTP/1.0 403 Forbidden');
    die('You are not allowed to access this file.');     
}

This will allow using proxy.php in javascript AJAX calls, but prevent direct access from remote (or locally). See this answer for more about $_SERVER['HTTP_X_REQUESTED_WITH'] and XMLHttpRequest.

More Related Contents:

  1. how to force list items to go to differents rows?
  2. WordPress how to use jquery and $ sign
  3. TypeError: ‘undefined’ is not a function (evaluating ‘$(document)’)
  4. How do I add a simple jQuery script to WordPress?
  5. Getting Error: Object doesn’t support property or method ‘assign’
  6. jQuery Ajax returning 404 Error, but correct Response
  7. jQuery ajax and SSL?
  8. What does “async: false” do in jQuery.ajax()?
  9. How to fade to display: inline-block
  10. Get the text after span element using jquery
  11. Prevent redirect after form is submitted
  12. JQuery post JSON object to a server
  13. Set value of hidden field in a form using jQuery’s “.val()” doesn’t work
  14. CORS with jQuery and XDomainRequest in IE8/9
  15. Twitter Bootstrap Use collapse.js on table cells [Almost Done]
  16. What CSS3 selectors does jQuery really support, e.g. :nth-last-child()?
  17. jQuery UI autocomplete with JSON
  18. auto resize text (font size) when resizing window?
  19. Is there a way to prevent overlapping events in jQuery FullCalendar?
  20. JQuery AJAX Consume SOAP Web Service [closed]
  21. Call external JS file based on “media screen” value
  22. Validating array inputs using jquery validation plugin
  23. Using jQuery how do I select a range of rows?
  24. How add spaces between Slick carousel item
  25. Fading elements in and out without changing the layout of the page
  26. jQuery web page height
  27. Unselect what was selected in an input with .select()
  28. Working with single page websites and maintaining state using a URL hash and jQuery
  29. jQuery Deferred – getting result of chained ajax calls
  30. jquery get only all html elements with ids

Leave a Comment