我试图跨两个Web应用程序启用跨源资源共享,但仍收到“ Access-Control-Allow-Origin不允许使用Origin X”。
该请求看起来像这样:
Request URL:http://mywebsite:8700/?myparam=blah
Request Headersview source
Accept:application/json, text/javascript, */*; q=0.01
Origin:http://localhost:1715
Referer:http://localhost:1715/stuff
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.79 Safari/537.1
Query String Parametersview URL encoded
myparam:blah
这给出了错误:
XMLHttpRequest cannot load http://mywebsite:8700/?myparam=blah. Origin http://localhost:1715 is not allowed by Access-Control-Allow-Origin.
如果我直接在浏览器中访问URL,则会得到以下响应标头,并返回正确的JSON
Request URL:http://mywebsite:8700/?myparam=blah
Request Method:GET
Status Code:200 OK
Request Headersview source
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Authorization:Negotiate blahblahblahblahblahblahblahblahblah
Cache-Control:max-age=0
Connection:keep-alive
Cookie:blahblahblah
Host:mywebsite:8700
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.79 Safari/537.1
Query String Parametersview URL encoded
myparam:blah
Response Headersview source
Access-Control-Allow-Headers:*
Access-Control-Allow-Methods:*
Access-Control-Allow-Origin:*
Cache-Control:private
Content-Length:11563
Content-Type:application/json; charset=utf-8
Date:Wed, 29 Jan 2014 06:51:49 GMT
WWW-Authenticate:Negotiate blahblahblah==
使用JSONP是最后的解决方案,因为它会对已经调用此方法的其他应用程序产生影响。
原来该请求接收到401错误,因此响应服务器甚至没有机会返回Access-Control-Allow-Headers标头。
本文收集自互联网,转载请注明来源。
如有侵权,请联系 [email protected] 删除。
我来说两句