为什么我的http://localhost CORS来源不起作用? [英] Why does my http://localhost CORS origin not work?

问题描述

即使我为服务器(nginx/node.js)设置了适当的标头，我仍然会遇到CORS问题.

I am stuck with this CORS problem, even though I set the server (nginx/node.js) with the appropriate headers.

我可以在Chrome网络窗格中->响应标题:

I can see in Chrome Network pane -> Response Headers:

Access-Control-Allow-Origin:http://localhost

这应该可以解决问题.

这是我现在用来测试的代码:

Here's the code that I now use to test:

var xhr = new XMLHttpRequest();
xhr.onload = function() {
   console.log('xhr loaded');
};
xhr.open('GET', 'http://stackoverflow.com/');
xhr.send();

我知道

XMLHttpRequest无法加载 http://stackoverflow.com/.Access-Control-Allow-Origin不允许起源 http://localhost .

XMLHttpRequest cannot load http://stackoverflow.com/. Origin http://localhost is not allowed by Access-Control-Allow-Origin.

我怀疑这是客户端脚本中的问题，而不是服务器配置中的问题...

I suspect it's a problem in the client script and not server configuration...

推荐答案

Chrome浏览器不支持CORS请求的本地主机(此错误于2010年打开，于2014年标记为WontFix).

Chrome does not support localhost for CORS requests (a bug opened in 2010, marked WontFix in 2014).

要解决此问题，您可以使用类似 lvh.me 的域(就像localhost一样指向127.0.0.1)，或者使用-disable-web-security 标志(假设您只是在测试).

To get around this you can use a domain like lvh.me (which points at 127.0.0.1 just like localhost) or start chrome with the --disable-web-security flag (assuming you're just testing).

这篇关于为什么我的http://localhost CORS来源不起作用?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！