为什么铬取消CORS OPTION请求 [英] Why Chrome cancel CORS OPTION request
本文介绍了为什么铬取消CORS OPTION请求的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
在我的应用程序,我创建从HTTP AJAX请求到HTTPS。这意味着我需要CORS。所以,我想补充一些头,而params为jQuery.ajax并对其进行测试。在Firefox中逝去的工程确定,但在Chrome并非如此。 Chrome浏览器杀每preflighed请求(选项)。
in my app I'm creating AJAX request from HTTP to HTTPS. This means I need CORS. So I add some headers and params to jQuery.ajax and test it. In Firefox everythings works OK, but in Chrome not. Chrome "kill" every preflighed request (OPTIONS).
jQuery脚本:
$(document).on('click', 'a.ajax', function(e) {
e.preventDefault();
$.ajax(this.href, {
type: 'GET',
dataType: 'json',
crossDomain: false,
headers: {'X-Requested-With': 'XMLHttpRequest'},
xhrFields: {
withCredentials: true
}
});
return false;
});
HTTP转储:
HTTP dump:
> OPTIONS /foo HTTP/1.1
> User-Agent: curl/7.29.0
> Host: local.bar.cz
> Accept: */*
> Access-Control-Request-Headers:accept, origin, x-requested-with
> Access-Control-Request-Method:GET
> Origin:http://local.bar.cz
>
< HTTP/1.1 204
< Server: nginx/1.2.7
< Date: Wed, 27 Feb 2013 15:06:54 GMT
< Content-Type: text/html; charset=utf-8
< Connection: keep-alive
< X-Powered-By: Nette Framework
< X-Frame-Options: SAMEORIGIN
< Access-Control-Allow-Origin: http://local.bar.cz
< Access-Control-Allow-Credentials: true
< Access-Control-Allow-Headers: accept, origin, x-requested-with
< Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD
<
任何人知道为什么镀铬杀了这一要求?
any one knows why chrome kill this request?
推荐答案
也许你的HTTPS服务器有一个不可信证书。如果是这样,尝试访问的URL与浏览器的第一,并接受不受信任的连接。
Maybe your https server has an untrusted certificate. If so, try accessing to the URL with your browser first, and accepting the untrusted connection.
这篇关于为什么铬取消CORS OPTION请求的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文