Access Control Allow Origin - Not Working
I have a PHP API that validates the specified credentials. At the beginning of my PHP file I have this
header('Access-Control-Allow-Origin: http://example.org');
header('Access-Control-Max-Age: 3628800');
header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE');
header('Content-type: application/json');
Though when I use my API (using AJAX) I get this error:
XMLHttpRequest cannot load http://api.example.com/?params=parameters+go+here. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://example.org' is therefore not allowed access.
NOTE. I have reason to believe there is a flaw in AJAX
$.ajax({
url: 'http://api.example.com/?type=verify&username=' + username + '&password=' + password,
dataType: 'json',
success: function( result ) {
success = result['success'];
return success;
}
});
Any help you could provide would be greatly appreciated.
Thanks CSF
+3
source to share