同一个域上的 CORS 错误? [英] CORS error on same domain?
问题描述
我现在遇到了一个奇怪的 CORS 问题.
错误信息如下:
XMLHttpRequest 无法加载 http://localhost:8666/routeREST/select?q=[...]Access-Control-Allow-Origin 不允许 Origin http://localhost:8080两台服务器:
- localhost:8666/routeREST/:这是一个简单的 Python Bottle 服务器.
- localhost:8080/:Python simpleHTTPserver,我在其中运行 y Javascript 应用程序.此应用正在上面的服务器上执行 Ajax 请求.
有没有想过可能是什么问题?
而且...端口是问题所在.感谢您的回答:)
如果有人也在使用 Python 瓶子服务器,你可以按照这篇文章中给出的答案来解决 CORS 问题:Bottle Py:为 jQuery AJAX 请求启用 CORS
只有协议、host 和 port 相同:同源策略
如果您想启用它,您必须遵循跨源资源共享 (cors)通过添加标题.Mozilla 有示例
您需要在响应中添加 Access-Control-Allow-Origin 作为标头.为了允许所有人(你应该不这样做):
Access-Control-Allow-Origin:*如果您需要支持多个来源(例如 example.com 和 www.example.com),请设置 Access-Control-Allow-Origin 在您对请求中 Origin-header 的值的回复中(在您确认 Origin 被列入白名单之后.)
另请注意,某些请求会发送带有 OPTION 方法的预检请求,因此如果您编写自己的代码,您也必须处理这些请求.有关示例,请参阅 Mozilla.
I'm running into a weird CORS issue right now.
Here's the error message:
XMLHttpRequest cannot load http://localhost:8666/routeREST/select?q=[...]
Origin http://localhost:8080 is not allowed by Access-Control-Allow-Origin
Two servers:
- localhost:8666/routeREST/ : this is a simple Python Bottle server.
- localhost:8080/ : Python simpleHTTPserver where I run y Javascript application. This app is executing Ajax requests on the server above.
Any thought on what could be the problem?
EDIT:
And... the port was the problem. Thanks for your answers :)
If anyone is using a Python bottle server as well, you can follow the answer given on this post to solve the CORS issue: Bottle Py: Enabling CORS for jQuery AJAX requests
It is only considered to be the same if the protocol, host and port is the same: Same Origin Policy
If you want to enable it you must follow Cross-Origin Resource Sharing (cors) by adding headers. Mozilla has examples
You need to add Access-Control-Allow-Origin as a header in your response. To allow everyone (you should probably NOT do that):
Access-Control-Allow-Origin: *
If you need to support multiple origins (for example both example.com and www.example.com), set the Access-Control-Allow-Origin in your reply to the value of the Origin-header from the request (after you verified that the Origin is white-listed.)
Also note that some requests send a preflight-request, with an OPTION-method, so if you write your own code you must handle those requests too. See Mozilla for examples.
这篇关于同一个域上的 CORS 错误?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
