0

I am having problem with my Jquery+ajax call that will consume one of my web service method via cross domain. i have been trying all the possible way to accomplish but still no success. please help me with what i am doing wrong. may be i need to configure web server for some security settings? below is my code. please let me know if you have any question regarding with my code.

I added this in web.config of my web service.

    <system.webServer>
    <httpProtocol>
        <customHeaders>
            <add name="Access-Control-Allow-Origin" value="*" />
        </customHeaders>
    </httpProtocol>
</system.webServer>

and this to my application

$(document).ready(function() {
    $.support.cors = true;
        $.ajax({
            url:'http://si-cb01:10000/service1.asmx/GetJsonData',
            type: 'GET',
            crossDomain: true,
            contentType: "application/json; charset=utf-8",
            dataType: "json", // change data type to jsonp
            success: function (response) {
                alert(response.d);
                Result = response.d;
            },
            error: function (response) {
                alert("Error");
            }
        });
    });

IE Console showed this error

XMLHttpRequest: Network Error 0x80070005, Access is denied.

Google Chrome Console showed this error .

XMLHttpRequest cannot load http://si-cb01:10000/service1.asmx/GetJsonData. Here si-cb01 is nothing but system name with IP 192.168.*.***

Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Origin 'http://localhost:xxx' is therefore not allowed access.
The response had HTTP status code 500.

I looked up the problem and it seems to be a Missing Cross-Origin Resource Sharing (CORS),but I cannot understand the solution for this.

Improve this question
14
  • I had this issue in the past and the solution came from adding to my TOMCAT server a small piece of XML that relaxed the restriction. The error is from the fact that (apparently) your application is running in one domain while you are approaching a server in a different domain. Must confess, it took me quite a while to overcome this issue. Commented Jul 5, 2016 at 7:51
  • Is the domain of the web service server same as web server? Commented Jul 6, 2016 at 6:12
  • 1
    FYI: CORS policy also applies when the ports differ, even if the domain is the same, which means calling http://domain:123/ from http://domain:789/ also requires the CORS to be set. Commented Jul 6, 2016 at 6:23
  • Hii already my code includes all the functionality you explained in web.config thoughit is showing same error.as i said before when i put jsonp it is through error "Failed to load resource: the server responded with a status of 500 (Internal Server Error)" Commented Jul 6, 2016 at 6:37
  • Area you sure you put the mentioned config at the right place? It should be placed inside the web.config of the server application, no the client application. Using JSONP will not work by default, as I explained in my answer. Commented Jul 6, 2016 at 7:22

2 Answers 2

Reset to default
2

To enable CORS on IIS add the following to the web.config file of your server application:

<configuration>
 <system.webServer>
   <httpProtocol>
     <customHeaders>
       <add name="Access-Control-Allow-Origin" value="*" />
     </customHeaders>
   </httpProtocol>
 </system.webServer>
</configuration>

Just for explanation, when you are calling some service which is hosted on different domain (other than your application), browser sends preflight request (request with http OPTION verb instead of POST or GET) and it waits for the answer. The answer, which comes from the server, means whether the server can respond to the client request or not, according to the CORS policy. You can use JSONP only if the service can responds with JSONP, in that case the response is wrapped something like this:

jsonp_callback(<YOUR JSON>)

where jsonp_callback is global function which is used to get the JSON and to send it to the ajax callback function.

To find more about how to enable CORS visit this site http://enable-cors.org/

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

0

This is because your ASMX service is not configured to serve requests from other domains for security reasons. All you need is to add this in web.config of your web service.

<system.webServer>
    <httpProtocol>
        <customHeaders>
            <add name="Access-Control-Allow-Origin" value="*" />
        </customHeaders>
    </httpProtocol>
</system.webServer>

Please note that this will allow all websites to access your webservice. If you want only a specific site to access your web service, change the custom header like this

<add name="Access-Control-Allow-Origin" value="http://example-site.com" />

This will give you a detailed idea on CORS: http://enable-cors.org/

P.S: Please refrain from using success and error callbacks while using $.ajax as they are deprecated.

Deprecation Notice: The jqXHR.success(), jqXHR.error(), and jqXHR.complete() callbacks are removed as of jQuery 3.0. You can use jqXHR.done(), jqXHR.fail(), and jqXHR.always() instead.

Update: Try setting these too.

In web.config

<location path="service1.asmx">
    <system.web>
        <webServices>
            <protocols>
                <clear />
                <add name="HttpGet" />
                <add name="HttpPost" />
            </protocols>
        </webServices>
    </system.web>
</location>

Decorate your method like this

[ScriptMethod(UseHttpPost = true)]
public string GetJsonData()
{
    return "Hello World";
}
Improve this answer

5 Comments

Hii naveen already my code includes all the functionality you explained in web.config thoughit is showing same error.as i said before when i put jsonp it is through error "Failed to load resource: the server responded with a status of 500 (Internal Server Error)"
CORS wont be an issue if the web config is set. Which IIS Server are you using? JSON request will be fine. No need for jsonp here.
IIS7 we are using. and again made slight modification according to u r explanation above in web.cong and found no result
are you sure that the path is as said by @xxxmatko like this? enable-cors.org/server_iis7.html. Try running a simple request if the json is complicated
naveen ya <add name="Access-Control-Allow-Origin" value="*" />is added but no result same issue as explained above

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.