用PHP和Javascript/Ajax绕过CORS [英] Bypassing CORS with PHP and Javascript/Ajax
问题描述
尽管我对Web开发的知识不足,但我一直在努力解决数小时.情况就是这样:
I've been trying to figure this out for hours, though I'm too uneducated in web development to understand. Heres the case:
另一个网站的脚本可以通过以下方式获取信息:
Another website has a script that they obtain information from the following way:
var url = "numbers.php";
parameters = "scoreid=" + document.getElementById('whatscore').value;
parameters += "&num=" + document.getElementById('num1b1').value;
xmlhttp2=GetXmlHttpObject();
if (xmlhttp2==null) {
alert ("Your browser does not support XMLHTTP!");
return;
}
xmlhttp2.onreadystatechange = function() {
if (xmlhttp2.readyState==4) {
scorespot.innerHTML=xmlhttp2.responseText; // load
setScores(document.getElementById('gradelvl').value); // set
document.getElementById('submitscorebtn').style.display="none";
}
}
xmlhttp2.open("POST",url,true);
xmlhttp2.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
xmlhttp2.setRequestHeader("Content-length", parameters.length);
xmlhttp2.setRequestHeader("Connection", "close");
xmlhttp2.send(parameters);
我尝试做同样的事情,但是当我尝试它时,却遇到了跨域错误.我知道他们是用jsonp和其他方法实现的方法,尽管我不知道从哪里开始.
I've attempted to do the same thing, though when I attempt it I get the cross-origin error. I know their are ways to do it with jsonp and other things, though I have no clue where to start at all for this.
当我尝试直接从他们的页面请求信息时,访问了numbers.php页面,例如example.com/numbers.php?scoreid=131&num=41.我总是返回错误:参数语法错误".
When I attempt to directly request information from their page, the numbers.php page, such as example.com/numbers.php?scoreid=131&num=41 . I always get returned with "Error: incorrect parameter syntax".
有人可以告诉我如何解决此问题吗?我只非常了解PHP和Javascript,对Ajax和其他东西或外部库没有很好的了解.
Can anybody please tell me how I would fix this in my case? I only know PHP and Javascript well, I'm very uneducated with Ajax and other things or external libraries.
我感谢所有帮助! 注意:我无法访问Web服务器.
I appreciate all help whatsoever! NOTICE: I DO NOT HAVE ACCESS TO THE WEBSERVER.
推荐答案
如果您无权访问服务器配置,并且不控制外部php脚本(假设未将其设置为充当反向代理) ),那么您绝对不能为此使用独立 javascript解决方案.
If you do not have access to your server configuration, and if you do not control the external php script (assuming it's not set up to serve as a reverse proxy), then you absolutely cannot use a standalone javascript solution for this.
相反,您将必须从您自己的本地php脚本发出外部请求.然后,您将从Ajax调用本地php脚本,并且此将起作用,因为您正在访问本地文件,因此不会违反CORS.
Rather, you would have to make the external request from your own local php script. Then you would call your local php script from Ajax, and this will work since you are accessing a local file, and thus not violating CORS.
这是通过本地PHP脚本进行Ajax调用的示例.
想象一个场景,其中允许用户查找相册名称.用户输入歌曲的名称和艺术家.您向第3方api发送请求,然后通过JavaScript警报通知将响应返回给用户.对于此示例,假设用户输入"Black"和"Pearl Jam"作为歌曲和歌手的名字
Here is an example of an Ajax call thru a local PHP script.
Imagine a scenario where you allow users to lookup an album name. The user enters the name of the song, and the artist. You make a request to a 3rd party api, and return the response back to the user via a JavaScript alert notification. For this example, assume the user enters 'Black' and 'Pearl Jam' as the song and artist names
Ajax POST到带有HTML示例的本地PHP脚本:
<html>
<head>
<!-- Load jQuery Library from Google -->
<script src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js"> </script>
</head>
<body>
<h1> Ajax to local PHP Script Example: </h1>
<form id="getArtist">
Artist: <input type="text" placeholder="Pearl Jam">
Song: <input type="text" placeholder="Black">
<input type="submit" value="Click Here to Active Ajax Call">
</form>
</body>
</html>
<script type='text/javascript'>
$("#getArtist").submit(function(event) { //Listen to when the Submit is pressed
event.preventDefault(); //Stop the submit from actually performing a submit
$.post("local_script.php", { song: "Black", artist: "Pearl Jam", dataType: "json"}) //prepare and execute post
.done(function(response) { //Once we receive response from PHP script
//Do something with the response:
alert("The album name is: " +response);
//Look into JSON.parse and JSON.stringify for accessing data
});
});
</script>
PHP GET
<?php
$url = 'http://api.music.com/album';
$song = urlencode($_GET['song'])); //Need to url encode
$artist = urlencode($_GET['artist']); //Need to url encode
$response = file_get_contents($url .'?song=' .$song .'&artist=' .$artist);
//**The url looks like http://api.music.com/album?song=Black&artist=Pearl+Jam
//** For purposes of this demo, we will manually assume the JSON response from the API:
$response = '{ "album": "Ten" }'; //(Raw JSON returned by API)
echo $response; //Return the response back to AJAX, assuming it is already returned as JSON. Else encode it json_encode($response)
PHP POST(使用curl)
<?php
$url = 'http://api.music.com/album';
$song = urlencode($_GET['song'])); //Need to url encode
$artist = urlencode($_GET['artist']); //Need to url encode
//$headers = array("Key: " ."Value","Key: " ."Value", //Set any headers, if required.
$post = 'song=' .$song .'&artist=' .$artist; //Prepare Post parameters
/* Configure Curl */
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); //Allow music api to send response
curl_setopt($ch, CURLOPT_POST, 1); //Signifyd that we are doing a POST request
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
//curl_setopt($curl, CURLOPT_HTTPHEADER, $header); //Only if you need to send headers
/* Get Response */
$response = curl_exec($ch);
//** For purposes of this demo, we will manually assume the JSON response from the API:
$response = '{ "album": "Ten" }'; //(Raw JSON returned by API)
echo $response; //Send response back to Ajax, assuming it was already returned in JSON. Else encode it.
进一步阅读Ajax请求:
https://api.jquery.com/jquery.获取/
https://api.jquery.com/jquery.post/
Further reading on Ajax requests:
https://api.jquery.com/jquery.get/
https://api.jquery.com/jquery.post/
这篇关于用PHP和Javascript/Ajax绕过CORS的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
