Click here to Skip to main content
11,922,381 members (31,636 online)
Rate this:
Please Sign up or sign in to vote.
Hello Everyone,

We have created REST services using web API and successfully deployed on our Testing Servers. When check those services using POSTER (tool comes as addon in Mozilla and used for testing services), we get perfect output. But when we do Jquery Ajax call, we
face error of " Origin is not allowed by access-control-allow-origin + rest services ". To solve this problem we were about to use JSONP but jsonP does CSRF or XSRF attacks. Because of which we have to find another alternative.

Here is my code which i used to call Service.

function GetAllAssets() {

       type: "POST",
       url: "",
       contentType: "application/json; charset=utf-8",
       dataType: "json",
       async: false,
       success: OnGetAllAssetsSuccess,
       error: OnGetAllAssetsError
function OnGetAllAssetsSuccess(data, status) {
alert("status "+status);
function OnGetAllAssetsError(request, status, error) {
alert("status "+ status);

We are using Windows server 2003 and 2008, Is there anything in server configuration which can solve this or any other alternative. Is that a problem of Rest Service Code shown below?

Here is a function code of one function:

        public HttpResponseMessage GetAllSites(Models.LogInInfo logInInfo)
            Models.LogWriter.WriteEventLog("UserName:" + logInInfo.UserName + "password:" + logInInfo.Password);
            RESTLibrary.User user;
                BusinessObjects.SiteQuery sq = new BusinessObjects.SiteQuery("s");
                BusinessObjects.VisibleSitesQuery vs = new BusinessObjects.VisibleSitesQuery("v");
                BusinessObjects.UserRoleQuery urq = new BusinessObjects.UserRoleQuery("r");
                // code to get the Vam On Demand Database name and set the connection property of the ES objects.

                Models.LogWriter.WriteEventLog("UserName:" + logInInfo.UserName + "password:" + logInInfo.Password);
                user = Models.Common.AuthenticateUser(logInInfo.UserName, logInInfo.Password);
                if (user == null)
                    throw new Exception("User is not authenticated.");
                Int32 RoleID = user.GetUserRoleID();
                    ).Where(sq.SiteID.In(vs.Select(vs.SiteID).Where(vs.RoleID.In(urq.Select(urq.RoleID).Where(urq.UserID == user.UserID)))));
                BusinessObjects.SiteCollection sites = new BusinessObjects.SiteCollection();
<pre lang="cs">sites.Load(sq);
                var siteList = from s in sites
                               select new Models.Site
                                   SiteCode = s.SiteCode,
                                   SiteDescription = s.SiteDescription,
                                   SiteIDInternal = (Guid)s.SiteIDInternal,
                                   SiteName = s.SiteName
                HttpResponseMessage message = Request.CreateResponse(HttpStatusCode.OK, siteList.ToList());
                return message;
            catch (Exception ex)
               // return string.Empty;
                var response = new HttpResponseMessage(HttpStatusCode.Conflict);
                response.Content = new StringContent(ex.Message);
                throw new HttpResponseException(response);

This function just returns list of Sites created in application.

Posted 4-Oct-12 19:39pm
Edited 4-Oct-12 22:00pm

1 solution

Rate this: bad
Please Sign up or sign in to vote.

Solution 1

I was able to use the following link to resolve this issue.[^]

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
0 OriginalGriff 453
1 Dave Kreskowiak 335
2 Sergey Alexandrovich Kryukov 263
3 Richard MacCutchan 225
4 ppolymorphe 175
0 OriginalGriff 7,231
1 KrunalRohit 4,530
2 Sergey Alexandrovich Kryukov 3,356
3 George Jonsson 2,865
4 Suvendu Shekhar Giri 2,216

Advertise | Privacy | Mobile
Web02 | 2.8.151120.1 | Last Updated 22 Apr 2014
Copyright © CodeProject, 1999-2015
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100