如何获得一个跨域资源共享(CORS)职位要求的工作 [英] How to get a cross-origin resource sharing (CORS) post request working
问题描述
我有一台机器在我的本地局域网(machineA的),有两个Web服务器。首先是内置之一,XBMC(8080端口),并显示我们的图书馆。第二个服务器是CherryPy的Python脚本(8081端口),我使用触发点播文件的转换。文件转换是通过从XBMC服务器提供的页面上一个的AJAX POST请求触发
I have a machine on my local lan (machineA) that has two web servers. The first is the in-built one in XBMC (on port 8080) and displays our library. The second server is a CherryPy python script (port 8081) that I am using to trigger a file conversion on demand. The file conversion is triggered by a AJAX POST request from the page served from the XBMC server.
- 转到的http:// machineA的:8080 它显示库
- 在显示库
- 在用户点击转换链接,发出以下命令 -
- Goto http://machineA:8080 which displays library
- Library is displayed
- User clicks on 'convert' link which issues the following command -
jQuery的Ajax请求
jQuery Ajax Request
$.post('http://machineA:8081', {file_url: 'asfd'}, function(d){console.log(d)})
- 在浏览器以以下的头一个HTTP OPTIONS请求;
请求头 - 选项
Host: machineA:8081
User-Agent: ... Firefox/4.01
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Origin: http://machineA:8080
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-requested-with
- 在服务器与下列响应;
响应头 - OPTIONS(STATUS = 200 OK)
Content-Length: 0
Access-Control-Allow-Headers: *
Access-Control-Max-Age: 1728000
Server: CherryPy/3.2.0
Date: Thu, 21 Apr 2011 22:40:29 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/html;charset=ISO-8859-1
- 谈话,然后停止。浏览器,在理论上,发出POST请求的服务器用正确的回应CORS头(访问控制 - 允许 - 产地:*)(?)
有关疑难解答,我还签发了一份来自 http://jquery.com 同一$。员额命令。这是我难倒,从jquery.com,POST请求的工作原理,通过后下一个OPTIONS请求被发送。从这次交易的头是以下;
For troubleshooting, I have also issued the same $.post command from http://jquery.com. This is where I am stumped, from jquery.com, the post request works, a OPTIONS request is sent following by a POST. The headers from this transaction are below;
请求头 - 选项
Host: machineA:8081
User-Agent: ... Firefox/4.01
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Origin: http://jquery.com
Access-Control-Request-Method: POST
响应头 - OPTIONS(STATUS = 200 OK)
Content-Length: 0
Access-Control-Allow-Headers: *
Access-Control-Max-Age: 1728000
Server: CherryPy/3.2.0
Date: Thu, 21 Apr 2011 22:37:59 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: text/html;charset=ISO-8859-1
请求头 - POST
Host: machineA:8081
User-Agent: ... Firefox/4.01
Accept: */*
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip,deflate
Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7
Keep-Alive: 115
Connection: keep-alive
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: http://jquery.com/
Content-Length: 12
Origin: http://jquery.com
Pragma: no-cache
Cache-Control: no-cache
响应头 - POST(STATUS = 200 OK)
Content-Length: 32
Access-Control-Allow-Headers: *
Access-Control-Max-Age: 1728000
Server: CherryPy/3.2.0
Date: Thu, 21 Apr 2011 22:37:59 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
我想不通,为什么同样的请求,将工作从一个网站,而不是其他。我希望有人也许能够指出我错过了什么。感谢您的帮助!
I can't work out why the same request would work from one site, but not the other. I am hoping someone might be able to point out what I am missing. Thanks for your help!
推荐答案
在这个环节<我终于迷迷糊糊一href="http://stackoverflow.com/questions/5584923/a-cors-post-request-works-from-plain-javascript-but-why-not-with-jquery">A CORS POST请求的工作从简单的JavaScript,但为什么不使用jQuery?是指出的jQuery 1.5.1添加
I finally stumbled upon this link "A CORS POST request works from plain javascript, but why not with jQuery?" that notes that jQuery 1.5.1 adds the
Access-Control-Request-Headers: x-requested-with
标题,所有的CORS请求。 jQuery的1.5.2并没有做到这一点。另外,根据同样的问题,设置了一个服务器响应头
header to all CORS requests. jQuery 1.5.2 does not do this. Also, according to the same question, setting a server response header of
Access-Control-Allow-Headers: *
不允许响应继续。您需要确保的响应头具体包括所需的标题。即:
does not allow the response to continue. You need to ensure the response header specifically includes the required headers. ie:
Access-Control-Allow-Headers: x-requested-with
这篇关于如何获得一个跨域资源共享(CORS)职位要求的工作的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!