I'm really struggling to figure out why this CORS request is getting denied. It's been driving me crazy. It gives an error "NetworkError: 500 Internal Server Error - http://api.example.com/v1/users/me" and then a message about cross-domain/CORS in Firebug.
JQuery
jQuery(document).ready(function(){
var settings = {
headers: {
'Authorization': 'Token token= 12345'
},
type: 'GET',
dataType: 'json'
};
var deferred = jQuery.ajax('http://api.example.com/v1/users/me', settings).then(
function(data) {
console.log(data);
}, function(error) {
console.log(error);
}
);
});
Request Headers
OPTIONS /v1/users/me HTTP/1.1
Host: api.example.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:35.0) Gecko/20100101 Firefox/35.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://fiddle.jshell.net
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization
Connection: keep-alive
Response Headers
HTTP/1.0 500 Internal Server Error
Date: Mon, 02 Mar 2015 04:28:29 GMT
Server: Apache/2.2.22
X-Powered-By: PHP/5.5.21
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Pragma: no-cache
Access-Control-Allow-Origin: http://fiddle.jshell.net
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE
Access-Control-Allow-Headers: authorization
Set-Cookie: PHPSESSID=dfa4a0638bcf104d316f7358153bb2f9; path=/
Vary: User-Agent
Content-Type: application/json
X-Cache: MISS from 172.19.134.2
X-Cache-Lookup: MISS from 172.19.134.2:3128
Via: 1.0 172.19.134.2:3128 (squid/2.6.STABLE14)
Connection: close
If anyone is interested, I have this in PHP:
PHP
// Set Headers
header('Access-Control-Allow-Origin: http://fiddle.jshell.net');
header('Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE');
header('Access-Control-Allow-Headers: authorization');
header('Content-Type: application/json; charset=utf-8');
