<tfoot id='DERgS'></tfoot>
    <bdo id='DERgS'></bdo><ul id='DERgS'></ul>
  • <small id='DERgS'></small><noframes id='DERgS'>

  • <legend id='DERgS'><style id='DERgS'><dir id='DERgS'><q id='DERgS'></q></dir></style></legend>

    <i id='DERgS'><tr id='DERgS'><dt id='DERgS'><q id='DERgS'><span id='DERgS'><b id='DERgS'><form id='DERgS'><ins id='DERgS'></ins><ul id='DERgS'></ul><sub id='DERgS'></sub></form><legend id='DERgS'></legend><bdo id='DERgS'><pre id='DERgS'><center id='DERgS'></center></pre></bdo></b><th id='DERgS'></th></span></q></dt></tr></i><div id='DERgS'><tfoot id='DERgS'></tfoot><dl id='DERgS'><fieldset id='DERgS'></fieldset></dl></div>

      1. 尽管标头正确,但 CORS Access-Control-Allow-Origin

        时间:2023-10-14
      2. <i id='btzGi'><tr id='btzGi'><dt id='btzGi'><q id='btzGi'><span id='btzGi'><b id='btzGi'><form id='btzGi'><ins id='btzGi'></ins><ul id='btzGi'></ul><sub id='btzGi'></sub></form><legend id='btzGi'></legend><bdo id='btzGi'><pre id='btzGi'><center id='btzGi'></center></pre></bdo></b><th id='btzGi'></th></span></q></dt></tr></i><div id='btzGi'><tfoot id='btzGi'></tfoot><dl id='btzGi'><fieldset id='btzGi'></fieldset></dl></div>

          <tfoot id='btzGi'></tfoot>
            <tbody id='btzGi'></tbody>

          <small id='btzGi'></small><noframes id='btzGi'>

        1. <legend id='btzGi'><style id='btzGi'><dir id='btzGi'><q id='btzGi'></q></dir></style></legend>

              • <bdo id='btzGi'></bdo><ul id='btzGi'></ul>

                • 本文介绍了尽管标头正确,但 CORS Access-Control-Allow-Origin的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

                  问题描述

                  我正在尝试在客户端上使用 jQuery (1.7.1) 驱动的 ajax 和 apache 服务的 python (django) 服务器来设置简单的跨域资源共享.根据我已阅读的所有说明,我的标题设置正确,但我不断收到以下错误:

                  I am trying to set up simple Cross-Origin Resource Sharing using jQuery (1.7.1) powered ajax on the client and apache served python (django) server. According to all the instructions I have read my headers are set correctly, but I keep getting the following error:

                  XMLHttpRequest 无法加载 http://myexternaldomain.com/get_data.来源 http://localhost:8080 不允许访问控制允许来源.

                  XMLHttpRequest cannot load http://myexternaldomain.com/get_data. Origin http://localhost:8080 is not allowed by Access-Control-Allow-Origin.

                  我正在尝试发送的标题(我不确定它是否能通过浏览器)发送是:

                  The header being I am trying to (I am not sure it is even getting past the browser) send is:

                  Request URL:http://myexternaldomain.com/get_data
                  Accept:application/json, text/javascript, */*; q=0.01
                  Origin:http://localhost:8080
                  Referer:http://localhost:8080/static/js/test-zetta.html
                  User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.66 Safari/535.11
                  

                  javascript代码是

                  The javascript code is

                      var request = $.ajax({
                          url : "http://myexternaldomain.com/get_data",
                          type : "POST",
                          dataType : "json",
                          crossDomain : true
                      });
                  

                  请注意,origin 设置正确.服务器使用以下python代码添加标头Access-Control-Allow-Origin = *

                  Note that origin is set correctly. The server adds the header Access-Control-Allow-Origin = * using the following python code

                  def process_response(self, response):
                      if response.has_header('Access-Control-Allow-Origin'):
                              return response
                  
                      response['Access-Control-Allow-Origin'] = '*'
                      return response
                  
                  def get_orders(request):
                      """ Tell worker what to do """
                      response_data = {}
                      response_data['action'] = 'probe'
                      response = process_response(HttpResponse(json.dumps(response_data), mimetype="application/json"))
                      return response
                  

                  如果我直接访问该地址,似乎可以确认标题设置正确

                  If I visit the address directly, it appears to confirm that the header is being set correctly

                  Access-Control-Allow-Origin:*
                  Content-Type:application/json
                  Date:Thu, 08 Mar 2012 05:06:25 GMT
                  Server:Apache/2.2.20 (Ubuntu)
                  Transfer-Encoding:chunked
                  

                  但是在跨域设置中它总是失败(尝试了 chrome 和 firefox).我已经尝试完全按照 this 问题,但得到同样的错误

                  However in the cross domain setting it always fails (tried both chrome and firefox). I've tried implementing the code exactly as per the selected answer to this question, but get the same error

                  更新

                  我很确定问题出在服务器端,因为我已经设法让我的 ajax 调用与另一个启用了 CORS 的公共服务器一起工作.当我比较从这个公共服务器返回的标头和从我返回的标头(当我从同一个域进行测试时)时,我看不到任何可能导致差异的主要差异(见下文).

                  I am quite sure that the problem is server side, as I have managed to get my ajax calls working with a different public CORS enabled server. When I compare the headers coming back from this public server, and the ones returned from mine (when I test from same domain), I cannot see any major difference which could account for difference (see below).

                  我排除的一个微妙之处可能很重要,也可能很重要,那就是实际域是多个子域的亚马逊域.真实地址是http://ec2-23-20-27-108.compute-1.amazonaws.com/get_orders,请随意探索一下,看看我做错了什么.

                  One subtlety that I excluded, which may or may be important is that the actual domain is an amazon domain of multiple subdomains. The real address is http://ec2-23-20-27-108.compute-1.amazonaws.com/get_orders , feel free to probe it to see what I am doing wrong.

                  来自公共服务器

                  Access-Control-Allow-Origin:*
                  Connection:Keep-Alive
                  Content-Encoding:gzip
                  Content-Length:622
                  Content-Type:text/html
                  Date:Thu, 08 Mar 2012 15:33:20 GMT
                  Keep-Alive:timeout=15, max=99
                  Server:Apache/2.2.14 (Ubuntu)
                  Vary:Accept-Encoding
                  X-Powered-By:Perl/5.8.7, PHP/4.4.0
                  

                  来自我的服务器 - (不能跨域工作)

                  Access-Control-Allow-Origin:*
                  Content-Encoding:gzip
                  Content-Type:text/plain
                  Date:Thu, 08 Mar 2012 15:32:24 GMT
                  Server:Apache/2.2.20 (Ubuntu)
                  Transfer-Encoding:chunked
                  Vary:Accept-Encoding
                  

                  推荐答案

                  所以我被转到 URL 的响应误导了,实际上问题是在执行 ajax 请求时,我得到了 403 (由于 csrf 保护,仅在 firefox 而非 chrome 中显示)错误.

                  So I was being mislead by the response from going to the URL, and in fact the problem was that when doing the ajax request, I was getting a 403 (only revealed in firefox not chrome) error due to csrf protection.

                  这篇关于尽管标头正确,但 CORS Access-Control-Allow-Origin的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持html5模板网!

                  上一篇:AJAX 请求获取“请求的资源上不存在‘Access-Cont 下一篇:如何在 Nuxt 静态文件响应中添加标题?

                  相关文章

                  最新文章

                    <tfoot id='gIGCp'></tfoot>

                      <i id='gIGCp'><tr id='gIGCp'><dt id='gIGCp'><q id='gIGCp'><span id='gIGCp'><b id='gIGCp'><form id='gIGCp'><ins id='gIGCp'></ins><ul id='gIGCp'></ul><sub id='gIGCp'></sub></form><legend id='gIGCp'></legend><bdo id='gIGCp'><pre id='gIGCp'><center id='gIGCp'></center></pre></bdo></b><th id='gIGCp'></th></span></q></dt></tr></i><div id='gIGCp'><tfoot id='gIGCp'></tfoot><dl id='gIGCp'><fieldset id='gIGCp'></fieldset></dl></div>
                      • <bdo id='gIGCp'></bdo><ul id='gIGCp'></ul>
                      <legend id='gIGCp'><style id='gIGCp'><dir id='gIGCp'><q id='gIGCp'></q></dir></style></legend>

                      <small id='gIGCp'></small><noframes id='gIGCp'>