reason: cors header ‘access-control-allow-origin’ missing - Access-Control-Allow-Origin error sending a jQuery Post to Google API's

2 Answers

I had exactly the same issue and it was not cross domain but the same domain. I just added this line to the php file which was handling the ajax request.

<?php header('Access-Control-Allow-Origin: *'); ?>

It worked like a charm. Thanks to the poster

cors header 'access-control-allow-origin' missing jquery ajax

I read a lot for the 'Access-Control-Allow-Origin' error, but I don't understand what I have to fix :(

I'm playing with Google Moderator API, but when I try to add new serie I receive:

XMLHttpRequest cannot load[key]
Origin [my_domain] is not allowed by Access-Control-Allow-Origin.

I tried with and without callback parameter, I tried to add 'Access-Control-Allow-Origin *' to the header. And I don't know how to use $.getJSON here, if apply, because I have to add the Authorization header and I don't know how to do it without beforeCall from $.ajax :/

Any light for this darkness u.u?

That's the code:

<script src=""></script>

<script type="text/javascript">

var scope = "";
var token = '';

function create(){
     if (token == '')
      token = doCheck();

     var myData = {
      "data": {
        "description": "Share and rank tips for eating healthily on the cheaps!", 
        "name": "Eating Healthy & Cheap", 
        "videoSubmissionAllowed": false


        url: ''+key,
        type: 'POST',
        callback: '?',
        data: myData,
        datatype: 'application/json',
        success: function() { alert("Success"); },
        error: function() { alert('Failed!'); },
        beforeSend: setHeader


function setHeader(xhr) {

  xhr.setRequestHeader('Authorization', token);

function doLogin(){ 
    if (token == ''){
       token = google.accounts.user.login(scope);
       alert('already logged');

function doCheck(){             
    token = google.accounts.user.checkLogin(scope);
    return token;
<div data-role="content">
    <input type="button" value="Login" onclick="doLogin();">
    <input type="button" value="Get data" onclick="getModerator();">
    <input type="button" value="Create" onclick="create();">
</div><!-- /content -->

Yes, the moment jQuery sees the URL belongs to a different domain, it assumes that call as a cross domain call, thus crossdomain:true is not required here.

Also, important to note that you cannot make a synchronous call with $.ajax if your URL belongs to a different domain (cross domain) or you are using JSONP. Only async calls are allowed.

Note: you can call the service synchronously if you specify the async:false with your request.