• Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
    Dedicated community for Japanese speakers
  • 한국 커뮤니티
    Dedicated community for Korean speakers
Exit
0

How and where to enable CORS policy on coldfusion to connect to PAYPAL

New Here ,
Apr 29, 2022 Apr 29, 2022

Copy link to clipboard

Copied

Hi Experts,

I am trying to send billing information to  -  pilot-payflowlink.paypal.com

and I am using AJAX call to do that,

 $.ajax({
      url : "https://pilot-payflowlink.paypal.com",
      headers: {
          "Content-Type": 'application/x-www-form-urlencoded',
          "accept": "application/json",
          "Access-Control-Allow-Origin":"#HostAddress#"
      },
      type: "POST",
      crossDomain: true,
      Accept: "application/json",
      async: true,
      contentType:false,
      processData: false,
      data: data,
      cache: false,
      success : function(data) {  
          alert("Posted Successfully!");
          alert(data);
          console.log(data);
        },
      error :function(data, textStatus, errorThrown){
          alert(JSON.stringify(data));
          console.log(JSON.stringify(data));          
          console.log(textStatus);
          console.log(errorThrown);
      }
    });
 
 
But I am getting CORs message
Bala5FC7_0-1651250591156.png

 

          • Ensure CORS response header values are valid
        1. A cross-origin resource sharing (CORS) request was blocked because of invalid or missing response headers of the request or the associated preflight request .

          To fix this issue, ensure the response to the CORS request and/or the associated preflight request are not missing headers and use valid header values.

          Note that if an opaque response is sufficient, the request's mode can be set to no-cors to fetch the resource with CORS disabled; that way CORS headers are not required but the response content is inaccessible (opaque).

        2. AFFECTED RESOURCES
          1. 1 request
            1.  
          RequestStatusPreflight Request (if problematic)HeaderProblemInvalid Value (if available)
           
           pilot-payflowlink.paypal.com/
          blocked
           
           pilot-payflowlink.paypal.com/
          Access-Control-Allow-OriginMissing Header

           

          I am sure many of you may have seen this message, and so please post the solution if you have one.
      1. I modified web.config
      2. I modified Application.cfc
      3. Added CORS headrs in the page (.cfm) page that I was calling
      4. Sending request from even AJAX call.. but no helping. 

Views

1.6K

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Apr 29, 2022 Apr 29, 2022

Copy link to clipboard

Copied

What's the expected value of #HostAddress# and what's its actual value? It looks like the actual value is an empty string.

 

Dave Watts, Eiddolon LLC

Dave Watts, Eidolon LLC

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Community Expert ,
Apr 29, 2022 Apr 29, 2022

Copy link to clipboard

Copied

LATEST

Actually, I think I just forgot how CORS works. This indicates that you wouldn't need to specify the Access-Control-Allow-Origin header in your AJAX request headers at all, it would simply have to match a corresponding header returned by CF when you requested the page. That kind of makes sense to me, as if I could just inject a block of JavaScript into your page that says "let me use this remote resource" there wouldn't be much point to CORS, I guess. Anyway, here's the page:

 

https://www.webucator.com/article/how-to-make-a-cross-origin-ajax-request/

 

I may still be forgetting how CORS works, or misunderstanding the specific example here. Sorry about that. But good luck!

 

Dave Watts, Eidolon LLC

Dave Watts, Eidolon LLC

Votes

Translate

Translate

Report

Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation