由于访问控制允许起源,PHP-AJAX CORS失败 [英] PHP-AJAX CORS Fails due to Access-Control-Allow-Origin
问题描述
我正在尝试使用以下代码进行AJAX调用(CORS):
I am trying to make an AJAX call (CORS) using the below code:
$.ajax({
type: "POST",
url: 'http://localhost/MySpace',
success: function(result) {
console.log(result);
},
error: function() {
console.log("error");
},
});
我正在从以下位置运行以上代码:
I am running the above code from:
http://127.0.0.1/Test/index.html
在http://localhost/MySpace
处编写的PHP代码如下:
The PHP Code written at http://localhost/MySpace
is as below:
<?php
header("Access-Control-Allow-Origin: *");
echo "Hello";
?>
根据我的理解,这应该有效.但是我收到此错误:
As per my understanding, this should have worked. However I am getting this error:
XMLHttpRequest cannot load http://localhost/MySpace. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://127.0.0.1' is therefore not allowed access.
该怎么做?还是我做错了什么?
What should I do make this work? Or am I doing something entirely wrong?
根据调试请求的建议,我尝试了执行curl请求:
As per suggestions to debug the request I tried making a curl request:
curl -i http://127.0.0.1/MySpace/
作为回应,我看到Access-Control-Allow-Origin
被标记为*
:
And in response I can see that Access-Control-Allow-Origin
is marked as *
:
HTTP/1.1 200 OK
Date: Fri, 13 May 2016 05:59:19 GMT
Server: Apache/2.4.18 (Unix) OpenSSL/1.0.2g PHP/5.6.19 mod_perl/2.0.8-dev Perl/v5.16.3
X-Powered-By: PHP/5.6.19
Access-Control-Allow-Origin: *
Content-Length: 5
Content-Type: text/html; charset=UTF-8
根据评论,我在.htaccess
中添加了以下代码:
As per the comment I added the below code to my .htaccess
:
Header add Access-Control-Allow-Origin "*"
Header add Access-Control-Allow-Headers "origin, x-requested-with, content-type"
Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"
@
这是我的响应标题:
HTTP/1.1 301 Moved Permanently
Date: Fri, 13 May 2016 09:26:44 GMT
Server: Apache/2.4.18 (Unix) OpenSSL/1.0.2g PHP/5.6.19 mod_perl/2.0.8- dev Perl/v5.16.3
Location: http://localhost/elasticservice/
Content-Length: 240
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Content-Type: text/html; charset=iso-8859-1
这是我的请求标头:
POST /elasticservice HTTP/1.1
Host: localhost
Connection: keep-alive
Content-Length: 0
Cache-Control: max-age=0
Accept: */*
Origin: http://127.0.0.1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.110 Safari/537.36
Referer: http://127.0.0.1/test/
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.8,hi;q=0.6
推荐答案
您已允许CORS Origin,因此对于强制访问跨域3标头(Origin, Methods, Headers)
,请参见下面的示例标头
You have allowed CORS Origin, so for access cross domain 3 headers (Origin, Methods, Headers)
compulsory, see below sample headers
header('Access-Control-Allow-Origin: *');
header("Access-Control-Allow-Headers: X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method");
header("Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE");
@update:您可以尝试此解决方案
@update: you can try this solution
header('Access-Control-Allow-Origin: *');
if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
$headers=getallheaders();
@$ACRH=$headers["Access-Control-Request-Headers"];
header("Access-Control-Allow-Headers: $ACRH");
}
header("Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE");
这篇关于由于访问控制允许起源,PHP-AJAX CORS失败的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!