XMLHttpRequest将POST更改为OPTION [英] XMLHttpRequest changes POST to OPTION
问题描述
我有这个代码:
net.requestXHR = function() {
this.xhr = null;
if(window.XMLHttpRequest === undefined) {
window.XMLHttpRequest = function() {
try {
// Use the latest version of the activex object if available
this.xhr = new ActiveXObject("Msxml2.XMLHTTP.6.0");
}
catch(e1) {
try {
// Otherwise fall back on an older version
this.xhr = new ActiveXObject("Mxsml2.XMLHTTP.3.0");
}
catch(e2) {
//Otherwise, throw an error
this.xhr = new Error("Ajax not supported in your browser");
}
}
};
}
else
this.xhr = new XMLHttpRequest();
}
net.requestXHR.prototype.post = function(url, data) {
if(this.xhr != null) {
this.xhr.open("POST", url);
this.xhr.setRequestHeader("Content-Type", "application/json");
this.xhr.send(data);
}
}
var rs = new net.requestSpeech();
console.log(JSON.stringify(interaction));
rs.post("http://localhost:8111", JSON.stringify(interaction));
当发送执行时,我有这个日志:
when the send execute, i have this log:
OPTIONS http://localhost:8111/ [HTTP/1.1 405 Method Not Allowed 74ms]
在localhost:8111我有一个接受帖子的reslet serverResource,它是同源策略的问题?我已修改restlet以放置allow-origin标头,我用另一个GET http请求(在jquery中)测试它并正常工作。我有相同原点解决的问题因为我使用html5浏览器而我的服务器将标题放在响应中,那么为什么send会显示这个错误?为什么要改变OPTION的POST?
谢谢!
And in localhost:8111 i have a reslet serverResource that accept post, it is problem of same origin policy? i have modify the restlet to put the allow-origin header and i test it with another GET http request (in jquery) and work ok. I have the problem of same origin resolve because i use an html5 browser and my server put the headers in the response, so why the send shows me this error? why change POST for OPTION? Thanks!
可能重复?:我认为不行,但确实如此,问题是
相同这两个问题,但我的是指自从b $ b b浏览器出现问题以及另一个问题,首先指向
jquery。根据经验,时间不计算重复,
答案是不同的,但两个问题互补
是真的。
Possible duplicate?: I think no, but it's true, the problem is the same for both questions, but mine are refers since the question that there is an issue with the browser, and the other, first points to jquery. By experience the time does not count for duplicate, the answers are different but it's true that both questions complement each other.
推荐答案
是的,这是同源政策的问题。您正在向不同的服务器或不同的端口发出请求,这意味着它是跨站点HTTP请求。以下是文档对此类请求的说法:
Yes, this is a "problem with same-origin policy". You are making your request either to a different server or to a different port, meaning that it is a cross-site HTTP request. Here is what the documentation has to say about such requests:
此外,对于可能对
服务器数据造成副作用的HTTP请求方法(特别是对于除<之外的HTTP方法) code> GET ,或
POST某些MIME类型的用法),规范要求
浏览器预检请求,从
服务器请求支持的方法,使用HTTPOPTIONS请求方法,然后,从
批准来自服务器,使用实际的
HTTP请求方法发送实际请求。
Additionally, for HTTP request methods that can cause side-effects on server's data (in particular, for HTTP methods other than
GET, or forPOSTusage with certain MIME types), the specification mandates that browsers "preflight" the request, soliciting supported methods from the server with an HTTPOPTIONSrequest method, and then, upon "approval" from the server, sending the actual request with the actual HTTP request method.
CORS标准(带预检的跨域请求部分)。您的服务器需要允许 OPTIONS 请求,并使用 Access-Control-Allow-Origin 发送响应, Access-Control-Allow-Headers 和 Access-Control-Allow-Methods 允许请求的标头。然后浏览器将进行实际的 POST 请求。
There is a more detailed description in the CORS standard ("Cross-Origin Request with Preflight" section). Your server needs to allow the OPTIONS request and send a response with Access-Control-Allow-Origin, Access-Control-Allow-Headers and Access-Control-Allow-Methods headers allowing the request. Then the browser will make the actual POST request.
这篇关于XMLHttpRequest将POST更改为OPTION的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
