在客户端启用 CORS [英] Enabling CORS on the client side

问题描述

我正在创建一个 Web 应用程序，它将在我无法管理或修改的服务器上运行.

I'm creating a web appliacation that will run on a server that I can not manage nor modify in any case.

在该应用程序中，我需要对不同的服务器执行 AJAX 调用.这将始终被同源策略"阻止.

Within that application, I need to exceute a AJAX call to a different server. This will always be blocked by the 'Same Origin Policy'.

其中 server01.test.net 是网络服务器，mail.test.net 是第二个服务器.

Where server01.test.net is the webserver and mail.test.net is the second server.

有没有办法在客户端以任何方式启用 CORS，因为我无法在服务器上添加Access-Control-Allow-Origin*".或任何其他工作?

Is there a way to enable CORS by any means in the client side, as I'm not able to add the 'Access-Control-Allow-Origin "*"' on the server. Or any other workaournd?

谢谢

推荐答案

如果您调用的服务器不支持 CORS，您将无法使用 AJAX 向第三方服务器发出请求.

If the server you are calling does not support CORS, you will not be able to make the request to the third-party server using AJAX.

您将不得不在您的应用程序中设置传递 AJAX 路由.客户端(浏览器)向您的 AJAX 路由发出请求，该路由将调用代理到第三方服务器并返回结果.由于第三方请求发生在服务器而不是浏览器上，因此同源策略不适用.

You will have to resort to setting up a pass-through AJAX route in your application. The client (browser) makes a request to your AJAX route which proxies the call to the third-party server and returns the result. Because the third-party request is happening on the server rather than the browser, Same Origin Policy doesn't apply.

这种方法意味着，如果您可以使用 CORS，将会有一个不必要的额外请求，但实际上没有其他选择.

This approach means there will be an additional request that wouldn't be necessary if you could use CORS, but there really isn't another option.

这篇关于在客户端启用 CORS的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！