CORS不再运作 [英] CORS not working anymore
问题描述
我遇到了一个奇怪的问题,从一天到另一天,我的AJAX请求网站不再运行.
I'm having a strange problem that from one day to another my AJAX requests for a website not working anymore.
我现在正在努力使其正常工作,但找不到问题.
I'm now struggling to get it working and can't find the problem.
这是我的JavaScript:基本上,这非常简单,它会检索ip adres,然后将其发送(POST)到存储它的站点.
this is my javascript: basically it's realy simple, it retrieves the ip adres and then sends it (POST) to a site which stores it.
var xhr = new XMLHttpRequest();
xhr.open('GET', 'https://dashboard.inofec.nl/ip', true);
// If specified, responseType must be empty string or "text"
xhr.responseType = 'text';
xhr.onload = function () {
if (xhr.readyState === xhr.DONE) {
if (xhr.status === 200) {
// console.log('R = ' + xhr.response);
// console.log('RT= ' + xhr.responseText);
tip = xhr.responseText;
var formData = new FormData();
formData.append('ip', tip);
formData.append('uri', turl);
formData.append('id', dataId);
var request = new XMLHttpRequest();
request.open("POST", "https://dashboard.inofec.nl/visits");
request.send(formData);
// console.log('IP = ' + tip);
// console.log('URL = ' + turl);
console.log('ID = ' + dataId);
}
else {
console.log('ERROR !');
}
}
}
xhr.send(null);
在服务器上,我现在添加了此功能以避免使用通配符
on the server I have now added this to avoid using a wildcard
if (isset($_SERVER['HTTP_ORIGIN']) && $_SERVER['HTTP_ORIGIN'] != '') {
header('Access-Control-Allow-Origin: ' . $_SERVER['HTTP_ORIGIN']);
header('Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS');
header('Access-Control-Max-Age: 1000');
header('Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With');
}
仅使用
header('Access-Control-Allow-Origin:');我得到了错误:跨域请求被阻止:CORS标头"Access-Control-Allow-Origin"与",*"不匹配.
有了新的标题,我就得到了
And with the new headers i get
CORS标头"Access-Control-Allow-Origin"与" http://www.inofec.nl不匹配,*').
但是当我检查标题时,我看到它以正确的标题响应.
But when I check the headers I see that it responds with the correct header.
访问控制允许标题
内容类型,授权,X请求的访问控制允许方法
GET,PUT,POST,DELETE,选项access-control-allow-origin http://www.inofec.nl ,*
推荐答案
Yvo Cilon让我考虑了多个值.并指出正确的方向.
Yvo Cilon made me think about the multiple values. And pointed me in the right direction.
我搜索了标头,发现在网络服务器上已经设置了标头,并将其添加到我的代码中.
I searched for headers and noticed that on the webserver there was a header already set and I added it in my code.
我删除了网络服务器中设置的标头,以控制其使用方式和使用时间.
I removed the header set in the webserver to have control on how and when it is used.
感谢您分享您的想法.
这篇关于CORS不再运作的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!