Geek Answers Handbook

Cross-Origin Request Blocked Reason: CORS preview channel failed

I created one phonegap application in which I call the WCF service, which is in the nopCommerce plugin.

I get the following error when sending api request:

Cross-request request is blocked: a policy of the same origin prohibits reading a remote resource at http://testwebsite.com/Plugins/NopRestApi/RemoteService/WebService.svc/GetData . (Reason: CORS preview channel failed).

Cross-request request is blocked: a policy of the same origin prohibits reading a remote resource at http://testwebsite.com/Plugins/NopRestApi/RemoteService/WebService.svc/GetData . (Reason: CORS request failed).

API call using Ajax

$.ajax({ crossDomain: true, type: "POST", contentType: "application/json", async: false, url: "http://testwebsite.com/Plugins/NopRestApi/RemoteService/WebService.svc/GetData", data: "{storeId:" + storeId + ", languageId:" + languageId + ", customerId:" + customerId + "}", //data: { storeId: storeId, languageId: languageId, customerId: customerId }, dataType: 'json', //jsonp: false, success: function (data) { alert(data.d); }, error: function (xhr, textStatus, error) { alert("Error! " + error); } });

In my Web.config file, I added the following research to Google.

 <httpProtocol> <customHeaders> <add name="Access-Control-Allow-Origin" value="*" /> <add name="Access-Control-Allow-Headers" value="Content-Type" /> </customHeaders> </httpProtocol>

I tried many ways to even turn off browser cross-request request checking, by following How do I temporarily disable XSS protection in modern browsers for testing? but still the same problem persists.

Does anyone have a similar problem and resolved?

Thanks!

+5
source share
3 answers

In global.asax:

 Sub Application_BeginRequest(ByVal sender As Object, ByVal e As EventArgs) ' Fires at the beginning of each request If Request.HttpMethod = "OPTIONS" Then Response.Flush() End If End Sub

And in the allow method in web.config also add options.

 <?xml version="1.0" encoding="utf-8"?> <configuration> <appSettings> <add key="aspnet:MaxJsonDeserializerMembers" value="1000000" /> </appSettings> <connectionStrings/> <system.web> <compilation debug="true" strict="false" explicit="true" targetFramework="4.5.1"/> <pages controlRenderingCompatibilityVersion="3.5" clientIDMode="AutoID"> <namespaces> <clear/> <add namespace="System"/> <add namespace="System.Collections"/> <add namespace="System.Collections.Specialized"/> <add namespace="System.Configuration"/> <add namespace="System.Text"/> <add namespace="System.Text.RegularExpressions"/> <add namespace="System.Web"/> <add namespace="System.Web.Caching"/> <add namespace="System.Web.SessionState"/> <add namespace="System.Web.Security"/> <add namespace="System.Web.Profile"/> <add namespace="System.Web.UI"/> <add namespace="System.Web.UI.WebControls"/> <add namespace="System.Web.UI.WebControls.WebParts"/> <add namespace="System.Web.UI.HtmlControls"/> </namespaces> </pages> <authentication mode="Windows"/> <webServices> <protocols> <add name="HttpGet"/> <add name="HttpPost"/> </protocols> </webServices> </system.web> <system.webServer> <staticContent> <mimeMap fileExtension=".apk" mimeType="application/octet-stream"/> </staticContent> <handlers> <remove name="ExtensionlessUrlHandler-Integrated-4.0"/> <remove name="OPTIONSVerbHandler"/> <remove name="TRACEVerbHandler"/> <add name="ExtensionlessUrlHandler-Integrated-4.0" path="*." verb="*" type="System.Web.Handlers.TransferRequestHandler" preCondition="integratedMode,runtimeVersionv4.0"/> </handlers> <httpProtocol> <customHeaders> <add name="Access-Control-Allow-Methods" value="POST,OPTIONS,GET"/> <add name="Access-Control-Allow-Headers" value="Cache-Control, Pragma, Origin, Authorization, Content-Type, X-Requested-With, Accept"/> <add name="Access-Control-Allow-Origin" value="*"/> </customHeaders> </httpProtocol> </system.webServer> <runtime> <assemblyBinding xmlns="urn:schemas-microsoft-com:asm.v1"> <dependentAssembly> <assemblyIdentity name="System.Web.Cors" publicKeyToken="31BF3856AD364E35" culture="neutral"/> <bindingRedirect oldVersion="0.0.0.0-5.2.3.0" newVersion="5.2.3.0"/> </dependentAssembly> </assemblyBinding> </runtime> <system.web.extensions> <scripting> <webServices> <jsonSerialization maxJsonLength="4000000" /> </webServices> </scripting> </system.web.extensions> </configuration>

Sorry global.asax in VB cuz I'm a VB guy, I think you can convert it to C #.

According to your request, update the following:

 function funCheckWS() { var tblLogin = {}; tblLogin.strLoginName = "UserName"; tblLogin.strPassword = "123456"; jQuery.support.cors = true; $.ajax({ type: 'POST', url: 'http://www.example.com/wsMain.asmx/funCheckWS', data: "{tblLogin:" + JSON.stringify(tblLogin) + "}", contentType: 'application/json; charset=utf-8', dataType: 'json', crossDomain: true, // async: false, async: true, success: function (r) { // Browser support WS gloBolWS = true; // alert("funCheck: " + rdstrPassword); }, error: function (xhr, ajaxOptions, thrownError) { // Browser does not support WS //alert(xhr.status); //alert(thrownError); } }); }

Below are my web services in VB (clsSQL is a class written in VB that contains the functions of all my business logics and can access the sql server):

 Imports System.Web.Services Imports System.Web.Services.Protocols Imports System.ComponentModel Imports System.Web.Script.Serialization Imports System.Web.Script.Services Imports System Imports System.Collections.Generic Imports System.Linq Imports System.Web <System.Web.Script.Services.ScriptService()> _ <System.Web.Services.WebService(Namespace:="http://tempuri.org/")> _ <System.Web.Services.WebServiceBinding(ConformsTo:=WsiProfiles.BasicProfile1_1)> _ <ToolboxItem(False)> _ Public Class wsMain Inherits System.Web.Services.WebService Private clsSQL As New wxdlSQL.clsSQL() Private tblLogin As tabLogin <WebMethod()> _ <ScriptMethod(ResponseFormat:=ResponseFormat.Json)> _ Public Function funCheckWS(tblLogin As tabLogin) As tabLogin tblLogin.strLoginName += "Hello World" Return tblLogin End Function End Class

The following is a data type definition for parameters:

 Public Class tabLogin Private _loginname As String Public Property strLoginName As String Get Return _loginname End Get Set(ByVal value As String) _loginname = value End Set End Property Private _password As String Public Property strPassword As String Get Return _password End Get Set(ByVal value As String) _password = value End Set End Property End Class
+3
source

You need to allow cross domain request from your WCF service.

 Response.AppendHeader("Access-Control-Allow-Origin", "*");

add this to your function, but add this before returning data from the function.

How can I use the Access-Control-Allow-Origin header in asp.net .

+2
source

In your Global.asax add the following code:

 protected void Application_AuthenticateRequest(object sender, EventArgs e){ Response.AddHeader("Access-Control-Allow-Origin", "*"); if (Context.Request.HttpMethod.Equals("OPTIONS")){ Response.AddHeader("Access-Control-Allow-Methods", "GET, POST, OPTIONS"); Response.AddHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept"); Response.StatusCode = (int)System.Net.HttpStatusCode.OK; Context.ApplicationInstance.CompleteRequest(); } }

This should work

+1
source

More articles:


All Articles