来自来源"xxx"的信息已被CORS政策阻止: [英] from origin 'xxx' has been blocked by CORS policy:

问题描述

我正在尝试使用浏览器中最基本的get请求，由于CORs问题，该请求失败了.

I'm trying the most basic get request from the browser and it fails due to CORs issues.

axios.get(
  "https://github.com/login/oauth/authorize?client_id={ID}"
);

是否不可能从浏览器发出此请求?我试图了解如何单击一个按钮并使此链接起作用.

Is it just not possible to make this request from the browser? I'm trying to understand how it's possible to click a button and have this link work.

来自来源' http://localhost:3001 '已被CORS策略阻止:否'访问控制-Allow-Origin标头出现在请求的资源上.

from origin 'http://localhost:3001' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

推荐答案

简单的答案是否.

未经服务器许可，您不能呼叫任何端点(不同来源).

You can't call any endpoint (different origin) without server's permission.

它称为CORS (跨源资源共享).在同一行中，它是一种浏览器安全性.浏览器阻止您阻止此类请求.

It's called CORS (Cross-Origin Resource Sharing). In one line, it is a browser security . Browser blocks you to prevent such request.

好吧，如果选中浏览器的网络"选项卡，则浏览器会使用OPTION方法向服务器再发送一个请求(在实际请求之前).在请求的响应中，服务器将告知浏览器是否有效.

Well, if you check Network Tab of a browser, browser sends one more request to server (before actual request) with OPTION method. In the response of the request, server tells to browers if it's valid request or not.

有关更多详细信息，请阅读MDN https://developer.mozilla .org/zh-CN/docs/Web/HTTP/CORS

For more details, Read MDN https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS

这篇关于来自来源"xxx"的信息已被CORS政策阻止:的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！