function readOnly(count){ }
Starting November 20, the site will be set to read-only. On December 4, 2023,
forum discussions will move to the Trailblazer Community.
+ Start a Discussion
Vikash TiwaryVikash Tiwary 

Access-Control-Allow-Origin error CORS Issue

I am facing cross domain error on ajax request in javascript

Ajax Request
 
$.ajax({
                    url:"../oppitm/lineitemsort.jsp?id={!oppID}",
                    contentType:"text/html",
                    xhrFields:{withCredentials:true}
                    }).done (
                    function(data){console.log(data)});
Error
XMLHttpRequest cannot load https://ap1.salesforce.com/oppitm/lineitemsort.jsp?id=00690000007jIM1. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://nsp-demo.ap1.visual.force.com' is therefore not allowed access.

I have enabled below origin urls in CORS
  • https://*.salesforce.com
  • https://ap1.salesforce.com
  • https://nsp-demo.ap1.visual.force.com
Please suggest or any workarounds how this can be resolved
Vikash TiwaryVikash Tiwary
Thanks for your answer, I tried all of these above links as well. When I try using proxy the response returned is redirection of login page but not the actual one expected. Also, i have enabled them in remote site settings but still no luck
Amit Chaudhary 8Amit Chaudhary 8
Are you doing above callout from salesforce to external system then you need to add "https://nsp-demo.ap1.visual.force.com" domain in external System CORS.

 
Atul BaviskarAtul Baviskar
Set Response header with Access-Control-Allow-Origin:'*' from server side.sure this help you
Talha SaqibTalha Saqib
Please try the following resource: https://retrology.net/how-to-fix-no-access-control-allow-origin-header-is-present-on-the-requested-resource-error-in-apex-salesforce/
patricia wildpatricia wild
Access control Miami (http://dicsan.com/access_control/access-control-miami/) is an essential part of security systems that have to be installed in most businesses and homes across the United States of America. It is not only a system that helps you to keep outsiders out. It is also one that keeps you protected against burglars or other threats to your property. Without access control systems, you would be open to whatever anyone could get their hands on since you would not be keeping watch over them. These systems are installed by professionals who know precisely to ensure the security of the premises. They have all the latest technology to ensure that they can protect your business, home, or any other property.
RyanAtTGHRyanAtTGH
I found success by NOT using a wildcard in the CORS allow list, but instead, two static URLS:
- https://tgh.llc
- https://www.tgh.llc

Depending on where your code is hosted could determine which static URL(s) to use.