javascript - No 'Access-Control-Allow-Origin' header is present. Origin is therefore not allowed access -

edit: no jsonp! yes know cors handled server , yes server support it. issue on side.

i trying use mediawiki api browser. sending request through xmlhttprequest due cors issues it's not working. getting following message browser after receives response:

xmlhttprequest cannot load https://en.wikipedia.org/w/api.php?format=json&action=query&list=search&srsearch=oculus&utf8. no 'access-control-allow-origin' header present on requested resource. origin 'http://127.0.0.1:8000' therefore not allowed access.

i understand why getting issue not know how can solve browser/javascript side.

code:

xmlhttp.open("get","https://en.wikipedia.org/w/api.php?format=json&action=query&list=search&srsearch=" + subreddit + "&utf8",true); xmlhttp.setrequestheader("content-type", "application/json; charset=utf-8"); xmlhttp.send(); 

some of things i've tried:

xmlhttp.setrequestheader('access-control-allow-origin', 'http://localhost'); xmlhttp.setrequestheader('access-control-allow-methods', 'get, post, options, put, patch, delete'); xmlhttp.setrequestheader('access-control-allow-headers', 'x-requested-with,content-type'); xmlhttp.setrequestheader('access-control-allow-credentials', true) xmlhttp.setrequestheader("content-type", "application/json; charset=utf-8"); 

and setting parameter origin in url or setrequestheader returned invalid/bad origin, denied.

you can use jsonp.

<script src='https://en.wikipedia.org/w/api.php?format=json&action=query&list=search&srsearch=oculus&utf8&callback=callbackname'></script> <script>     function callbackname(data){        //you can response data here     } </script> 

if use jquery.

$.getjson('https://en.wikipedia.org/w/api.php?format=json&action=query&list=search&srsearch=oculus&utf8&callback=?', function(data){     //you can response data here })