$.ajax Post Returning "status":403,"statustext":"forbidden" Cordova Android
Solution 1:
- ensure the server code returns a CORS header granting access from other sites:
eg: header('Access-Control-Allow-Origin: *');
ensure "ModSecurity" is disabled on your server (if you have cPanel access you should be able to do that via cPanel / Security or something like that)
ensure you have the cordova whitelist plugin installed (use the "legacy" plugin for cordova pre v5.0.0):
$ cordova plugin add cordova-plugin-legacy-whitelist
setup a very open whitelist in your cordova config.xml:
<allow-intent href="*" />
<access origin="*" />
setup a Content Security Policy in your index.html:
<meta http-equiv="Content-Security-Policy" content="default-src *; script-src * 'unsafe-eval' 'unsafe-inline'; connect-src *; img-src *; style-src * 'unsafe-inline' ; media-src *;">
This makes everything WIDE open, whereas the point of cross-origin-domains, whitelisted URL request, and content security policies is to restrict cross-domain access. I'll leave it as an exercise to research and restrict the security down, after you get the thing working.
I hope this helps.
References:
https://github.com/apache/cordova-plugin-whitelist#content-security-policyhttps://cordova.apache.org/announcements/2015/04/21/plugins-release-and-move-to-npm.htmlhttp://content-security-policy.com/
Solution 2:
Do you have the domain you'r trying access on the allowed domains for your APP? You can set this on comfig.xml.
Post a Comment for "$.ajax Post Returning "status":403,"statustext":"forbidden" Cordova Android"