Cross-Domain AJAX doesn't send X-Requested-With header

ajax http-headers cors cross-domain

If you are using jQuery to do your ajax request, it will not send the header X-Requested-With (HTTP_X_REQUESTED_WITH) = XMLHttpRequest, because it is cross domain. But there are 2 ways to fix this and send the header:

Option 1) Manually set the header in the ajax call: 

$.ajax({
     url: "http://your-url...",
 headers: {'X-Requested-With': 'XMLHttpRequest'}
});

Option 2) Tell jQuery not to use cross domain defaults, so it will keep the X-Requested-With header in the ajax request: 

$.ajax({
  url: "http://your-url...",
 crossDomain: false
});

But with this, the server must allow those headers, then the server needs to print those headers: 

print "Access-Control-Allow-Origin: *\n";
print "Access-Control-Allow-Headers: X-Requested-With, Content-Type\n";

The first line above will avoid the error "Origin is not allowed by Access-Control-Allow-Origin."
The second line will avoid the error "Request header field X-Requested-With is not allowed by Access-Control-Allow-Headers."

Related

Adding a user-defined language in Notepad++
API key Browser API keys cannot have referer restrictions when used with this API
pytest run tests parallel
Coding pattern for random percentage branching?
Python: next() function
Why isn't a function's arguments object an array in Javascript?
What is the reason for the weird syntax of the "case" statement in a bash/zsh script?
Email user that broke build in Teamcity
Resource usage of google Go vs Python and Java on Appengine
What HTTP status codes count as success in jQuery.ajax?
Display relative and absolute line numbers simultaneously in Vim
How can I safely set the user principal in a custom WebAPI HttpMessageHandler?