difference between browser and script - javascript

I have my own node.js written in C. When I open the browser and browse to 192.168.0.150:8000/index and call the script:
var socket = io.connect("/index");
socket.on('connect', function() {
$('#onindex').addClass('connected');
});
every thing is OK.
BUT:
When I try to:
var socket = new io.Socket('192.168.0.150', {port: 8000 });
socket.connect("/index.html");
I get the following error on the Javascript console:
XMLHttpRequest cannot load 192.168.0.150/index.html:80/socket.io/xhr-polling//…. Origin null is not allowed by Access-Control-Allow-Origin.
This indicates to me that the server can't find it.
How can I fake the JS to think I'm browsing?

Let's break down your error message
XMLHttpRequest
The problem was with XMLHttpRequest (on the side running the script)
cannot load 192.168.0.150/index.html:80/socket.io/xhr-polling//….
it couldn't load the page
Origin null is not allowed by Access-Control-Allow-Origin.
because it is not allowed to by Access-Control-Allow-Origin settings preventing an origin of null.
You can read up about access control here on MDN. An origin of null can arise from a page located on a data URI or using the file: protocol. This is part of the same-origin policy which you can read about here. You may have to set up CORS on your server to get it to work.

Related

No 'Access-Control-Allow-Origin' header is not present always shows no matter what url I try to use

I am trying to learn how to parse APIs using javascript and so I am trying to get some json through some get calls.
In my script I have
<script>
function foo() {
var request = window.superagent;
var url = 'http://www.google.ca';
request
.get(url, function(response) {
console.log(response);
})
.set('Accept', 'application/json');
}
foo();
</script>
No matter what url I use, I always get this error
XMLHttpRequest cannot load http://www.google.ca/. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://server.com' is therefore not allowed access.
(index):22 Error: Origin is not allowed by Access-Control-Allow-Origin
at s.crossDomainError (https://cdnjs.cloudflare.com/ajax/libs/superagent/1.2.0/superagent.min.js:1:7899)
at XMLHttpRequest.s.end.D.onreadystatechange (https://cdnjs.cloudflare.com/ajax/libs/superagent/1.2.0/superagent.min.js:1:8551)
I tried using various example get request urls like wikipedia, nba stats, google etc...that work fine when I enter the url into my browser but it does not work when I try to use javascript to download the data.
I am using a local apache2 server on my ubuntu laptop. I am also using the superagent library for javascript, but i also tried using jquery and ajax and it's the same error.
so apparently I need to use a url that uses cors. The thing is
http://savvastjortjoglou.com/nba-shot-sharts.html?utm_source=Python+Weekly+Newsletter&utm_campaign=5185ff0538-Python_Weekly_Issue_202_July_30_2015&utm_medium=email&utm_term=0_9e26887fc5-5185ff0538-312727397
this tutorial just did a requests.get(url) which was the nba stats url and got his data. He did not get an error? How can I use a url that doesn't use cors to get data?
CORS is implemented on the browser end as well, to not allow javascript load malicious content from unknown sites. You should also try using the CORS plugin if you are still trying to scrap on the client side.
https://chrome.google.com/webstore/detail/allow-control-allow-origi/nlfbmbojpeacfghkpbjhddihlkkiljbi?hl=en

What is wrong with my HTTP over AJAX (javascript)

My code:
var answer_array = [];
var req = new XMLHttpRequest();
req.onload = function() {
answer_array = answer_array.concat(JSON.parse(this.responseText).results);
console.log(answer_array);
}
req.open("GET", "https://api.comettracker.com/v1/gpsdata?fromdate=2015-10-13");
req.setRequestHeader("authorization", "Basic Base64 encoded credentials");
req.setRequestHeader("cache-control", "no-cache");
req.setRequestHeader("postman-token", "b94725ff-408b-c82e-a985-6c38feb380af");
req.send();
This is what is in my console:
scripts2.js:22 OPTIONS https://api.comettracker.com/v1/gpsdata?fromdate=2015-10-13 (anonymous function) # scripts2.js:22
2015-10-21 12:41:09.059 index.html:1 XMLHttpRequest cannot load https://api.comettracker.com/v1/gpsdata?fromdate=2015-10-13. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access. The response had HTTP status code 405.
When I go to the network tab on Chrome I see this:
gpsdata?fromdate=2015-10-13 OPTIONS 405 xhr scripts2.js:22 0 B 452 ms
This error message:
No 'Access-Control-Allow-Origin' header is present on the requested resource
means that you are running into a cross origin permission issue which means that you are trying to access a site that does not permit access from the domain that your page is on. If your page is on your local drive being accessed with a file:// URL, then the first thing you can do is to put it on an actual web server and try it there since file:// URLs have some additional restrictions on them.
If that doesn't work either, then the issue is that the api.comettracker.com site is not allowing access from your particular site.
When I put your code into a jsFiddle and try it there and look at the network trace, what I see there is that the OPTIONS method which is used to pre-flight a cross origin request is being rejected by api.comettracker.com which tells the browser the cross origin request as currently formatted is not permitted.
I get a different error if your custom headers are removed from the request so I think that there's something incorrect about your custom headers. Since I don't know that particular API, don't have your access credentials or know how to use them, I don't know what exactly to suggest for the headers, but I think that's the place to start.

XMLHttpRequest cannot load file. Origin null is not allowed by Access-Control-Allow-Origin

$.getJSON('test1.json', function(data)
{
for (i in data.conferences) {
var item = data.conferences[i];
array1.push({
cid:item.id,
confName: item.cname,
confStart:item.start
}); }
});
I use the function for getting values from java to jquery. In chrome and opera shows same error, but it works on IE and mozilla.
Give me a solution for that please.
XMLHttpRequest cannot load file:///C:/Users/winnova1/Desktop/tree/conferences/test1.json. Origin null is not allowed by Access-Control-Allow-Origin.
Uncaught TypeError: Cannot read property 'conferences' of null
For security reasons, on Chrome and Opera you cannot use XMLHttpRequest to load local files.
You must run it on a web server, even if that web server is running on localhost.

XmlHttprequests

Hi i am trying to get xmlhttp requests to a local server which inturn connects to outside network.i chrome i am getting an error
XMLHttpRequest cannot load http://mydomain.com:58947 Origin http://mydomain.com is not allowed by Access-Control-Allow-Origin.
This is not a cross domain request since it is same domain but different port numbers.
I am getting a response of 0 instead of 200 in ff and chrome,but in IE its working perfectly.
Any help regarding this issue will save me!!
You need to give relative path instead of begin with http://mydomain.com

Xmlhttprequest Cross site domain issue?

been stuck with an issue for sometime and not getting the best solution for this yet.
I am calling an xmlhttprequest (POST)from a javascript residing at server say 'http://localhost:8080' to another server 'http://localhost:9090'
Getting an browser error As mentioned below:
Exception... "Component returned failure code: 0x80004005 (NS_ERROR_FAILURE)"  nsresult: "0x80004005 (NS_ERROR_FAILURE)" 
 
The error doesnt point anything specific either. Did test the same by calling from same server and worked fine. But i am looking at two server architecture.
Any resolution/ideas ? Saw few posts on setting response headers with cross domain origin as '*',but not sure exactly how to set response headers for xmlhhtprequest calls?
Since the origins of the entities that are trying to communicate are the same in the host part but different in the port part (localhost:8080 <-> localhost:9090) -- this violates the same origin policy and the browser throws an error. See this for more info: http://en.wikipedia.org/wiki/Same_origin_policy
The way to get around this is to use CORS headers in the HTTP responses returned by the server. The fact that you are using XHR to generate the HTTP requests makes no difference. Basically, what you need to do is add a Access-Control-Allow-Origin: * or Access-Control-Allow-Origin: http://localhost:8080 to your responses for POST requests to http://localhost:9090. This of course assumes that you have control over the server resource you are POSTing to so that you can modify the response headers. See this for more info: http://enable-cors.org/ and http://en.wikipedia.org/wiki/Cross-Origin_Resource_Sharing

Categories