Jump to content

Recommended Posts

I want to know how to hit a webpage that is not on your domain. I am doing an AJAX request right now, but receiving the following error in my console:

 

 

XMLHttpRequest cannot load https://bpb.opendns.com/a/www.playboy.com. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://filter.localhost' is therefore not allowed access. 

 

The site I'm trying to hit does this weird cookie thing. I already spoke with their web administrator and he said the first time they access that site, it sets the cookie so they have to refresh in order to see if they can bypass a webpage they are trying to access..

 

I'm not sure if there is anyway to go about doing this since I can't go the AJAX route. But I don't have the capability of refreshing the user once they go on that page since it's not under my server or whatever. The only thing I could think of was AJAX which is not an option now.

<?php include('scripts/config.php');

//Declare Variables
$filter = new Filter();
$byPasscode = $filter->getBypassCode();
$openDns = "https://bpb.opendns.com/a/" . $_GET['url'];

echo 'Redirecting...';

?>

<html>
<head></head>
<body>
	<form method="post" name="bypassForm" id="bypassForm" action="<?php echo $openDns ?>" style="display:none">
		<input type="text" size="15" name="textBypassCode" id="textBypassCode" autocomplete="off" value="<?php echo $byPasscode; ?>" />
		<input type="password" size="15" name="passwordBypassCode" id="passwordBypassCode" style="display:none;" value="<?php echo $byPasscode; ?>" />
		<input type="hidden" name="code" id="bypassCode" value="<?php echo $byPasscode; ?>" />

		<input type="submit" value="Continue" />
	</form>

	<script src="//ajax.googleapis.com/ajax/libs/jquery/1.11.1/jquery.min.js"></script>
	<script type="text/javascript">
		//setTimeout(function(){
			var textBypassCode = $('#textBypassCode').val();
			var passwordBypassCode = $('#passwordBypassCode').val();
			var bypassCode = $('#bypassCode').val();

			$.ajax({
				type: 'POST',
				url: $('#bypassForm').attr('action'),
				data: { textBypassCode: textBypassCode, passwordBypassCode: passwordBypassCode, bypassCode: bypassCode }
			})
			.done(function(data) {
				//$('#bypassForm').submit();
			});
		//}, 3000);
	</script>
</body>
</html>
		
		

Up above you can see my code. Thanks for any other options that you may think of.

 

f I understood it right you are doing an XMLHttpRequest to a different domain than your page is on. So the browser is blocking it as it usually allows a request in the same origin for security reasons.

 

Regular web pages can use the XMLHttpRequest object to send and receive data from remote servers, but they're limited by the same origin policy. Extensions aren't so limited. An extension can talk to remote servers outside of its origin, as long as it first requests cross-origin permissions.

 

example of how to do an offsite request using CORS: http://www.html5rocks.com/en/tutorials/cors/

You cannot use XMLHttpRequest (Ajax) to contact an external website without their cooperation. Either they need to allow it by setting the appropriate headers or they need to provide an alternative such as JSONP.

 

What you can do is proxy the request via your server by using PHP and cURL to contact the other site then having your Ajax code communicate with your PHP script instead of the other site directly.

You cannot use XMLHttpRequest (Ajax) to contact an external website without their cooperation. Either they need to allow it by setting the appropriate headers or they need to provide an alternative such as JSONP.

 

What you can do is proxy the request via your server by using PHP and cURL to contact the other site then having your Ajax code communicate with your PHP script instead of the other site directly.

 

I'm trying to do my research, but I can't see if cURL allows you to access that domain without them changing their headers and accepting our domain to talk to theirs. I didn't know if you knew if you could do it without them having to issue something.. or if there was a nice tutorial on how to go about doing this.

A CURL request is basically a normal web request, so the site will send whatever headers it normally sends as if you were visiting the site in your browser. Nothing special needs to be sent on their end like you do with the Access-Control-Allow-Origin using AJAX for cross-site requests.

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.