SEC7118:XMLHtt prequest CORS - IE浏览器控制台消息 [英] SEC7118: XMLHttpRequest CORS - IE Console message
问题描述
我使用的CORS POST请求的一切照顾给出@ <一href="http://www.html5rocks.com/en/tutorials/cors/">http://www.html5rocks.com/en/tutorials/cors/
I am using CORS POST request with everything taken care as given @http://www.html5rocks.com/en/tutorials/cors/
服务器设置为响应头: 访问控制 - 允许 - 原产地:'*',我可以看到在IE浏览器的开发工具这头值
Server sets Response header to: 'Access-Control-Allow-Origin':'*' and I can see this header value in IE developer tool.
但在IE10浏览器中我看到控制台消息为SEC7118:XMLHtt prequest对于http://需要跨地资源共享(CORS)
But on IE10 browser I see console message as "SEC7118: XMLHttpRequest for http:// required Cross Origin Resource Sharing (CORS).
当我检查在微软网站已下面给出解释。
When I check on Microsoft site it has below given explanation.
<一个href="http://msdn.microsoft.com/en-us/ie/dn423949%28v=vs.94%29.aspx">http://msdn.microsoft.com/en-us/ie/dn423949(v=vs.94).aspx
SEC7118 的
SEC7118
说明:的 XMLHtt prequest为[URL]需要跨地资源共享(CORS)。 一个XMLHtt prequest是一个域,这是比你的网页的域名不同进行。这就要求服务器返回一个访问控制 - 允许 - 起源标题中的响应头,但一人没有回来。的
Description: "XMLHttpRequest for [URL] required Cross Origin Resource Sharing (CORS). " An XMLHttpRequest was made to a domain that was different than your page's domain. This requires the server to return an "Access-Control-Allow-Origin" header in its response headers, but one was not returned.
修复建议:的 服务器必须支持CORS请求,并返回相应的访问控制 - 允许 - 起源头与资源。见CORS对XHR在IE10约CORS响应标头的详细信息。的
Suggested Fix: The server must support CORS requests and return an appropriate "Access-Control-Allow-Origin" header with the resource. See CORS for XHR in IE10 for more info about CORS in response headers.
问题:
- 我想知道,如果这个控制台消息是错误??
- 这会不会造成任何故障??
- 为什么即使设置应答头之后我得到这个消息访问控制 - 允许 - 原产地值*??
- 是'访问控制 - 允许 - 原产地值必须产地名称 IE10工作?我知道*是不是一个非常好的选择,但IE浏览器 需要确切来源的名字??
- I want to know if this console message is an ERROR ??
- Will this cause any failures ??
- Why do I get this message even after setting response header 'Access-Control-Allow-Origin' value to '*'??
- Does 'Access-Control-Allow-Origin' value has to be origin name for IE10 to work? I know * is not a very good option, But does IE requires exact origin name ??
我不停的URL和cookie的细节隐藏这些图像。
I kept URL's and cookie details hidden from these images.
推荐答案
只是踢,从的 MSDN :
安全性错误codeS的形式为SEC7xxx [在IE]
Security error codes are in the form SEC7xxx [In IE]
用于修饰SEC7118:
Pertaining to SEC7118:
这是XMLHtt prequest是一个域,这是比你的网页的域名不同进行。这就要求服务器返回一个访问控制 - 允许 - 起源标题中的响应头,但一人没有回来。
An XMLHttpRequest was made to a domain that was different than your page's domain. This requires the server to return an "Access-Control-Allow-Origin" header in its response headers, but one was not returned.
请注意此错误code辗转于IE11在Windows 10,它仍然在IE11的Windows 8.1和Windows 7。
Note This error code was removed in IE11 on Windows 10. It remains in IE11 for Windows 8.1 and Windows 7.
因此,它在技术上被视为从IE浏览器的角度来看一个错误,但肯定不是一天(因此它为什么要离开)。访问控制 - 允许 - 原产地设定上的资源,但不一定发回的请求。如果指定的资源没有访问控制 - 允许 - 产地:* (或域),该资源将无法访问,服务器可能会返回一个503或404,你会看到类似下面的控制台一个真正的错误消息:
So it is technically viewed as an error from IE's perspective, but certainly isn't one (hence why it is going away). Access-Control-Allow-Origin is set on a resource, but isn't necessarily sent back with the request. If a specified resource DOESN'T have Access-Control-Allow-Origin:* (or a domain), the resource would not be accessible and the server would likely return a 503 or 404 and you would see a true error message in the console similar to the below:
XMLHtt prequest无法加载 http://example.com/ 。没有访问控制 - 允许 - 原产地标头的请求的资源present。原产地 http://blog.example.com ,因此不允许访问。
XMLHttpRequest cannot load http://example.com/. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://blog.example.com' is therefore not allowed access.
这篇关于SEC7118:XMLHtt prequest CORS - IE浏览器控制台消息的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
