CORS + Cordova:问题:Access-Control-Allow-Origin [英] CORS + Cordova : issues with : Access-Control-Allow-Origin
问题描述
我一直在搜索这个问题,但我仍然找不到任何解决方案。
I have been searching hours on this issue, but I still can't find any solution to this.
我正在开发一个App cordova(basicely HTML / JS) )
所以:应用程序在导航器上运行,我无法向API发出ajax请求: https://developer.riotgames.com/
但是让我们说我只想获得谷歌页面。
I am developping an App cordova (basicely HTML / JS) So : the app runs on mobile from the navigator, and I have trouble making an ajax request to an API : https://developer.riotgames.com/ But let's say that I just want to get the google page.
地球上怎么做我这样做,这甚至可能吗?
这是一个简单的例子:
How on earth do I do that, is this even possible ? Here is a simple exemple :
$.ajax({
type: "GET",
url: "https://google.com",
dataType: "text",
success: function(response){
alert("!!!");
},
error: function(error){
alert("...");
}
});
我一次又一次地收到同样的错误:
I am getting the same error again and again :
XMLHttpRequest无法加载 https://google.com/ 。没有
'Access-Control-Allow-Origin'标头出现在请求的
资源上。因此不允许原点'null'访问
XMLHttpRequest cannot load https://google.com/. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access
原点'null'是因为我运行的代码来自: file:/// D:/Projets/LoL/www/index.html
我读到导航器正在阻塞,但是如果我用<$禁用安全性它也不行c $ c> - disable-web-security
当然,我无权访问我想加入的服务器。
The origin 'null' is because I run the code from : file:///D:/Projets/LoL/www/index.html
and I read that the navigator is blocking, but it doesn't work as well if I disable the security with --disable-web-security
And of course, I don't have access to the server I want to join.
非常感谢你的帮助!
推荐答案
你需要Cordova白名单插件: https://cordova.apache.org/docs/en/latest/reference/cordova- plugin-whitelist / 。
You need the Cordova whitelist plugin: https://cordova.apache.org/docs/en/latest/reference/cordova-plugin-whitelist/.
在config.xml中有这个:
Have this in config.xml:
<access origin="*" />
<allow-navigation href="*"/>
并在index.html中拥有Content-Security-Policy元。类似于:
And have the Content-Security-Policy meta in index.html. Something like:
<meta http-equiv="Content-Security-Policy" content="default-src *; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; media-src *; img-src 'self' data:">
这篇关于CORS + Cordova:问题:Access-Control-Allow-Origin的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!