AngularJs否“访问控制允许来源” [英] AngularJs No 'Access-Control-Allow-Origin'

问题描述

我米试图与请求的角度是这样的：

I"m trying to make a request with angular like this:

(function () {
    'use strict';

    angular.module('app')
        .service('requestService',requestService);

    function requestService($http) {
        this.post = function(url, data) {
            return $http({
                'method': 'POST',
                'url': url,
                'data': $.param(
                    data
                )
            });
        }
    }
})();

我收到错误在我的控制台：

I receive the error in my console:

XMLHttpRequest cannot load http://lsupport.dev/api/v1/login. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access.

我的的http：//本地主机：3000 是建立与一饮而尽。我已经在网上搜索了很多，但我不能找到一个解决方案。

My http://localhost:3000 is build with gulp. I've already searched a lot on the web, but I cannot find a solution.

任何帮助将是AP preciated。先谢谢了。

Any help would be appreciated. Thanks in advance.

推荐答案

您正在跨域请求。

在换句话说，你是从发出请求的服务器的域名是不是你正在请求到服务器相同的域名。

In other words, the domain name of the server you are making the request from is not the same as the domain name of the server you are making the request to.

由于风险参与这个，你正在对必须设置访问控制允许来源头部请求的服务器。可以在Google，你应该使用哪些。这允许HTTP请求来自任何域进行到该服务器（或域的白名单）。

Because of the "risk" involved in this, the server which you are making the request to must set Access-Control-Allow-Origin headers. You can Google which ones you should use. This allows HTTP requests to be made to this server from ANY domain (or from a whitelist of domains).

此外，使跨起源POST和PUT请求时，一个pre-航班选择请求首先由客户端。

Also, when making cross origin POST and PUT requests, a pre-flight OPTIONS requests is first made by the client.

这OPTIONS请求有一个目的，以确定它们是否正确的访问控制允许来源标题均已到位。如果他们是它会使POST请求。如果不是，它就会失败。这是为了节省时间发送的数据的负载时，是不允许的。

This OPTIONS request has one purpose, to determine if they correct Access-Control-Allow-Origin headers are in place. If they are it will make the POST request. If not, it will fail. This is to save time POSTing a load of data when it is not permitted.

如果您在您的浏览器开发者控制台检查Net标签，你会看到这个选项要求正在取得进展。

If you check your NET tab in your browsers developer console you will see this OPTIONS request being made.

这篇关于AngularJs否“访问控制允许来源”的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！