What is proper way to call Ajax request using JQuery when dealing with CORS?
I use this JavaScript code for ajax call:
$.ajax({
type: "GET",
url: setup.services_domain + "/?type=ajax_cart",
data: g,
dataType: "html",
crossDomain: true,
headers: {
"Access-Control-Allow-Origin":"*"
},
xhrFields: { withCredentials: true },
encode: !0
}).done(function (a) {
})
I always get an error:
Access to XMLHttpRequest at 'http://www.services.mysite.sk/?type=ajax_cart&action=add&product_number=462374ML&quantity=1' from origin 'http://www.mysite.sk' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: Redirect is not allowed for a preflight request.
Main site is http://www.mysite.sk
which is shop, and I have subdomain for all Ajax & API calls http://www.services.mysite.sk
called services.
Both for main site and services have set these headers:
Header set Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Headers "*"
Websites runs on same server with Debian 9 and Apache2 as webserver.
I know that these settings aren't good for production use, but I test it on dev server, and I have problems with these Ajax calls, I just don't know what is wrong with it.