为什么 Chrome 会取消 CORS OPTION 请求 [英] Why Chrome cancel CORS OPTION request

问题描述

在我的应用程序中，我正在创建从 HTTP 到 HTTPS 的 AJAX 请求.这意味着我需要 CORS.因此，我向 jQuery.ajax 添加了一些标头和参数并对其进行了测试.在 Firefox 中一切正常，但在 Chrome 中却不行.Chrome 杀死"每个预请求的请求(选项).

in my app I'm creating AJAX request from HTTP to HTTPS. This means I need CORS. So I add some headers and params to jQuery.ajax and test it. In Firefox everythings works OK, but in Chrome not. Chrome "kill" every preflighed request (OPTIONS).

jQuery 脚本:

$(document).on('click', 'a.ajax', function(e) {
    e.preventDefault();
    $.ajax(this.href, {
        type: 'GET',
        dataType: 'json',
        crossDomain: false,
        headers: {'X-Requested-With': 'XMLHttpRequest'},
        xhrFields: {
            withCredentials: true
        }
    });
    return false;
});

HTTP 转储:

> OPTIONS /foo HTTP/1.1
> User-Agent: curl/7.29.0
> Host: local.bar.cz
> Accept: */*
> Access-Control-Request-Headers:accept, origin, x-requested-with
> Access-Control-Request-Method:GET
> Origin:http://local.bar.cz
> 
< HTTP/1.1 204
< Server: nginx/1.2.7
< Date: Wed, 27 Feb 2013 15:06:54 GMT
< Content-Type: text/html; charset=utf-8
< Connection: keep-alive
< X-Powered-By: Nette Framework
< X-Frame-Options: SAMEORIGIN
< Access-Control-Allow-Origin: http://local.bar.cz
< Access-Control-Allow-Credentials: true
< Access-Control-Allow-Headers: accept, origin, x-requested-with
< Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD
< 

有人知道为什么 chrome 会终止这个请求吗?

any one knows why chrome kill this request?

推荐答案

可能你的 https 服务器有一个不受信任的证书.如果是这样，请先尝试使用浏览器访问该 URL，并接受不受信任的连接.

Maybe your https server has an untrusted certificate. If so, try accessing to the URL with your browser first, and accepting the untrusted connection.

这篇关于为什么 Chrome 会取消 CORS OPTION 请求的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！