Jump to content

- - - - -

Ajax POST request doesn't work with HTTPS

  • Please log in to reply
1 reply to this topic

#1 Dredd2000


    Forum Newcomer

  • Members
  • Pip
  • 82 posts

Posted 10 November 2017 - 08:29 PM

Hello all,


I've recently updated to HTTPS and I've found that my Ajax functions are not working.  At first I got a CORS error message but I've managed to pick up a couple of lines of code from web forums that have had the same problem and the error message has changed to a 403 error message, (meaning that the file is forbidden), which is interesting as since upgrading to HTTPS my site sometimes can't find, or is not accessing some of my images and/or files. 


Therefore it might be my .htaccess file, (I used to have a basic .htaccess file when the site was HTTP but I've had to google .htaccess with HTTPS).  Here's my .htaccess file:


      Options +FollowSymLinks
RewriteEngine On
   RewriteCond %{HTTPS} off [OR]
   RewriteCond %{HTTP_HOST} !^www\. [OR]
   RewriteCond %{HTTP_HOST} ^mysite.com\.com$ [NC]
   RewriteRule ^ https://www.mysite.com%{REQUEST_URI} [R=301,L,NE]
   RewriteCond %{THE_REQUEST} ^[A-Z]+\ /index\.php(/[^\ ]*)?\ HTTP/
   RewriteRule ^index\.php(/(.*))?$ mysite.com/$2 [R=301,L]
   RewriteCond %{REQUEST_FILENAME} !-f
   RewriteCond %{REQUEST_FILENAME} !-d
   RewriteRule .* index.php/$0 [PT,L]


It's possible that this file is responsible for not allowing my site to access certain files and images.  I've also added the snippet of my Ajax request here, (just in case there's something wrong with the function:


                        url: "/my_php_file/my_function",
                        crossDomain: true,
                        contentType: "application/x-www-form-urlencoded",
                        xhrFields: {
                            withCredentials: true
                        headers: {
                            'Access-Control-Allow-Origin': '*'
                        type: 'POST',
                        data: data,
                        success: function(msg) {


I've tried adding the following and/or changing the following lines of code but it still doesn't work:


     url: "/my_php_file/my_function/",
     url: "https://www.mysite.com/my_php_file/my_function",
     dataType: 'jsonp',
     dataType: 'json',
     dataType: 'html',


The above lines are code I've added, (they've not been added all together), but it's just so everyone knows what different permutations I've tried.  It's a good possibility that it's the .htaccess file as some of my images and files don't work, or both so can anyone can help out on both or either?


Thanks in advance.

#2 rallport


    Laravel 5 Rocks

  • Moderators
  • PipPipPipPipPipPip
  • 5,950 posts
  • Gender:Male
  • Location:England, UK
  • Experience:Web Guru
  • Area of Expertise:Web Developer

Posted 12 November 2017 - 12:21 PM

Firstly, you ajax script is blocking - when you wouldn't make it async in 2017 is beyond me, but still. We have promises to play with now :)


What is the exact response from your server when you make a post request to the secure endpoint? Try running the request using something like postman to save your sanity. 


Anyways, I've only come across this once. When I making a get request to a https url from a none http page. I'm fairly sure the "withCredentials" and contents types params are not required.


If you're sure your server is correctly configured try building up a very simple post request first that posts to a very simple script (that returns the posted data). i.e. 

  url: "/your/simple/url",
  method: "POST",
  data: { id : 123, foo : 'bar' }
}).done(response => {
}).fail((jqXHR, textStatus) => {
  console.warn(textStatus, jqXHR);

If you're still running into issues try looking into using jsonp.


Also, why still JQuery for ajax (or Jquery at all!)? Have a look into the beautiful Axios

Edited by rallport, 12 November 2017 - 12:21 PM.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users