jotform - No 'Access-Control-Allow-Origin' header

  • a2034487
    Asked on August 15, 2015 at 5:39 AM

    using my simple jotform , i want to submit a post using ajax,

     

    $("#contact_psy_btn_submit").click(function(e){
        var formdata = $("#0000000000000").serialize();
        $.post('http://submit.jotform.us/submit.php', formdata);
        e.preventDefault();
        console.log("une demande envoyer");
    });

     

    0000000000000 : (remplaced with jotform id)

     

     

    but i get the error :

    XMLHttpRequest cannot load http://submit.jotform.us/submit.php. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost/' is therefore not allowed access.

     

    can someone help me.

     

     

    thank you

     

  • Elton Support Team Lead
    Replied on August 15, 2015 at 1:33 PM

    Hi,

    You are getting that error due to cross-site HTTP requests. This is a well-known restrictions on browsers, for security reasons. In particular, this meant that you can only make a request to the domain where the form source code was embedded, and not to other domains. However, as far as I know most browsers nowadays would process this request even if this error is fired up. May we know if you're not receiving submissions during your test even if this error appears? I am getting submissions fine when I run a test here.

    Anyway, the most common and easiest way to resolve this is to add the following PHP code on top of the script endpoint.

    <?php header('Access-Control-Allow-Origin: *'); ?>

    This was also suggested on this article http://stackoverflow.com/questions/20433655/no-access-control-allow-origin-header-is-present-on-the-requested-resource-or.

    Hope this helps. Thanks!

     

  • a2034487
    Replied on August 17, 2015 at 9:02 AM

    Hello,

     

    thank you for your response, I tried your test. And I get the same error :

    ----------------------------------

    XMLHttpRequest cannot load http://submit.jotform.us/submit.php. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://shots.jotform.com' is therefore not allowed access.

    -----------------------------------

    Can you please retest with the browser chrome ?

     

     

    and about the php:

    <?php header('Access-Control-Allow-Origin: *'); ?>

    I think, this must be in the part server, in this case (submit.jotform.us)

     

     

    ilyas M.

     

     

  • Boris
    Replied on August 17, 2015 at 10:52 AM

    Yes, you are correct, Ilyas. The Access-Control-Allow-Origin must be present on the target of the request, which means that we would need to set such an allowance on our submit page on our servers. Unfortunately, we can't make such exceptions on our server - our Access-Control-Allow-Origin headers are set to allow our own servers.

    If you wish to make your submissions through Ajax calls, you must submit your forms to a submission page that you control - either on your own server, or on a different server where you have set up this header to accept your initial domain.

    If you want to submit to our servers at JotForm, please try a regular (non-ajax) .submit() method on your form. I hope this helps.

  • a2034487
    Replied on August 17, 2015 at 11:41 AM

    oooh , Great Idea,

    "submit your forms to a submission page that you control - either on your own server, or on a different server where you have set up this header to accept your initial domain."

     

    I will try this,

     

    thank you.

  • Elton Support Team Lead
    Replied on August 17, 2015 at 12:52 PM

    You can give it a try and inform us whenever you need any help.

    By the way, my test was actually just similar to yours, I was only testing the submissions which goes through even of those error appears. :)

  • a2034487
    Replied on August 18, 2015 at 11:48 AM

    After lot of tests, I got a cors access :D

    but now I see in the response a captcha to fill.

    jotform No Access Control Allow Origin header Image 1 Screenshot 20

    Is there a way to juste submiting without this ?

     

     

    ilyas M.

  • Boris
    Replied on August 18, 2015 at 1:33 PM

    Is this Captcha shown to you from our submit subdomain, after using an ajax call to make a submission on it?

    I believe that there is no way to turn the Captcha completely off, as it is shown to try and prevent automatic submissions from bots. You are trying to post data externally from our regular process, and our system is trying to defend itself from a flood of possibly unwanted automatic submissions made by bots, which is why you would be presented with a Captcha field.

    I haven't tested it, since we do not have access to how you have set up your process, but I would recommend adding an actual Captcha field onto your form may help.

    jotform No Access Control Allow Origin header Image 1 Screenshot 20

    Our system has server side validation if users have filled their required fields, or if users may be bots, and similar. This ensures higher quality of your received submissions through our forms.

    I hope adding an actual captcha field to your form helps avoid additional captcha question. Please let us know how it goes.