Re: XMLHttpRequest cannot load. No 'Access-Control-Allow-Origin' header is present on the requested resource.

Anonymous
Not applicable

XMLHttpRequest cannot load. No 'Access-Control-Allow-Origin' header is present on the requested resource.

Trying to send an ajax request to Marketo from a browser form. using jquery to create the ajax request, but keep getting the CORS error from the server. Anyone have any suggestions on how to get the responding server (marketo) to allow CORS requests? 
 
Tags (1)
7 REPLIES 7
Anonymous
Not applicable

Re: XMLHttpRequest cannot load. No 'Access-Control-Allow-Origin' header is present on the requested resource.

I dont think the server is dening the request, it is the client borwser that for security does nto allow a request to be sent to a different domain (or sub domain). Depending of what you want to do JSONP migt be the way to solve it.

 
Anonymous
Not applicable

Re: XMLHttpRequest cannot load. No 'Access-Control-Allow-Origin' header is present on the requested resource.

What are you calling on the Marketo side? Another form or the APIs?
Anonymous
Not applicable

Re: XMLHttpRequest cannot load. No 'Access-Control-Allow-Origin' header is present on the requested resource.

Calling the leads.json API. I'm passing the "Access-Control-Allow-Origin": "*", headers and a few others to be extra verbose, but it's still not accepting the request.

I'm using this to generate the Access token: http://developers.marketo.com/blog/quick-start-guide-for-marketo-rest-api/,

I just realized though, that this token is probably not persistent, and probably needs to be recreated at regular intervals I'm guessing?  That's not the issue as non-expired tokens (which work in a REST console, or straight browser), but it's /an/ issue I need to fix.
Kenny_Elkington
Marketo Employee

Re: XMLHttpRequest cannot load. No 'Access-Control-Allow-Origin' header is present on the requested resource.

Hey Ben,

What's you're reasoning for doing this client-side?  Exposing the access token to be client-facing opens you up to some serious security issues.  You should really only be executing this from the server side, and then sending any relevant data to the client with your page load.
Anonymous
Not applicable

Re: XMLHttpRequest cannot load. No 'Access-Control-Allow-Origin' header is present on the requested resource.

Proof of concept for now to ensure that the integration is being done properly, and the data is being pushed across to the server properly. We'll move all this to server side as a next step, but quick and dirty on a non-public site this is the fastest way to ensure data is being passed correctly.
Anonymous
Not applicable

Re: XMLHttpRequest cannot load. No 'Access-Control-Allow-Origin' header is present on the requested resource.

Tried it with php curl server-side and just get 500 errors, so something I'm doing still isn't functioning properly.
Anonymous
Not applicable

Re: XMLHttpRequest cannot load. No 'Access-Control-Allow-Origin' header is present on the requested resource.

@Ben, you are correct. The token expires every hour, so it needs to be refreshed at a regular interval.