拒绝将不安全的标头“来源"设置为使用谷歌浏览器的xmlHttpRequest时 [英] Refused to set unsafe header "Origin" when using xmlHttpRequest of Google Chrome

查看:1347
本文介绍了拒绝将不安全的标头“来源"设置为使用谷歌浏览器的xmlHttpRequest时的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

收到此错误消息: Refused to set unsafe header "Origin"

使用此代码:

   function getResponse() {
            document.getElementById("_receivedMsgLabel").innerHTML += "getResponse() called.<br/>";
            if (receiveReq.readyState == 4 || receiveReq.readyState == 0) {
                receiveReq.open("GET", "http://L45723:1802", true, "server", "server123");  //must use L45723:1802 at work.
                receiveReq.onreadystatechange = handleReceiveMessage;
                receiveReq.setRequestHeader("Origin", "http://localhost/");
                receiveReq.setRequestHeader("Access-Control-Request-Origin", "http://localhost");
                receiveReq.timeout = 0;
                var currentDate = new Date();
                var sendMessage = JSON.stringify({
                    SendTimestamp: currentDate,
                    Message: "Message 1",
                    Browser: navigator.appName
                });
                receiveReq.send(sendMessage);

            }
        }

我做错了什么?使该CORS请求正常工作的标头中缺少什么?

What am I doing wrong? What am I missing in the header to make this CORS request work?

我尝试删除receiveReq.setRequestHeader("Origin", ...)通话,但是Google Chrome浏览器在我的receiveReq.open()通话中引发了访问错误...

I tried removing the receiveReq.setRequestHeader("Origin", ...) call but then Google Chrome throws an access error on my receiveReq.open() call...

为什么?

推荐答案

这只是一个猜测,因为我将jquery用于ajax请求,包括CORS.

This is just a guess, as I use jquery for ajax requests, including CORS.

我认为浏览器应该设置标题,而不是您.如果您能够设置标题,那将违反安全功能的目的.

I think the browser is supposed to set the header, not you. If you were able to set the header, that would defeat the purpose of the security feature.

尝试不设置这些标头的请求,然后查看浏览器是否为您设置了标头.

Try the request without setting those headers and see if the browser sets them for you.

这篇关于拒绝将不安全的标头“来源"设置为使用谷歌浏览器的xmlHttpRequest时的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
前端开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆