CODEWITHSUNDEEP
ajaxjsongoogle-chromeamazon-s3cors
Thayne
Thayne

Reputation: 6992

Chrome: GET request cancelled for CORS HTTPS request

I am trying to make an AJAX request to download a JSON file from S3 using the following code:

$.ajax({
    'type':'GET',
    'url':this.baseUrl + publicationId + "/document.json",
    'crossDomain': true,
    'dataType':'json',
    'success':function(data) {
        console.log('got document.json');
    }
});

This works fine in Firefox, and it works if the baseUrl is http ://<s3-url>, but if it is https://, then Chrome cancels the request with the error:

XMLHttpRequest cannot load https ://s3.amazonaws.com/<bucket-name>/<pub-id>/document.json. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https ://localhost.office.lucidpress.com' is therefore not allowed access.

Making the same request with CURL does have the following header: "Access-Control-Allow-Origin: *".

Why doesn't this work for Chrome, and is there any workaround?

Note: I put spaces in the URLs to prevent them from becoming links.

Upvotes: 3

Views: 7207

Answers (1)

Ross Taylor-Turner
Ross Taylor-Turner

Reputation: 3765

Chrome will send a pre-flight OPTIONS request to see if the GET can be performed. What headers do you receive if you curl -X OPTIONS -i https://s3.amazonaws.com/<bucket-name>/<pub-id>/document.json? You most likely need to add Access-Control-Allow-Headers to your server response to also allow any extra headers Chrome may be sending on the OPTIONS request, i.e. Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept

Alternatively, as this is a https request, your answer may be Why Chrome cancel CORS OPTION request

Upvotes: 1

Related Questions