CORS issue on same domain Ajax/PHP

View Original

I'm facing a CORS problem with an ajax call. I have a php file called through ajax with the following headers

header('Access-Control-Allow-Origin: * ');
header('Access-Control-Allow-Methods: GET, ADD, POST, PUT, DELETE, OPTIONS');
header('Access-Control-Allow-Headers: *'); // also tested with Content-Type, x-requested-with

There is no error when the file is called from

http://www.mywebsite.com

but it throws a 403 forbidden error when it's called from

https://mywebsite.com
https://www.mywebsite.com

To be more specific the GET is ok, but the ADD is not allowed. As we're talking about the same domain, i don't understand why there's a '403' error

Thanks for your help,

Answer

Solution:

what php framework if this is laravel you are using make sure you see the file config/cors.php or the file VerifyCsrfToken

     protected $except = [
        '*'
    ];

Source
© 2021
E-mail: contact@webdevask.com
Back to top