没有“访问控制 - 允许 - 原产地”标头的请求的资源present。原产地'...'，因此没有允许访问 [英] No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin '...' is therefore not allowed access

问题描述

我使用的.htaccess重写URL和我为了使其工作使用HTML基标记。

现在，当我试图让我得到以下错误的Ajax请求：

  

XMLHtt prequest无法加载 http://www.wordicious.com/login.php 。没有访问控制 - 允许 - 原产地标头的请求的资源present。原产地 http://wordicious.com ，因此不允许访问。

解决方案

为什么产生错误：

JavaScript的code是由同源策略，意义有限，从页面的 www.example.com ，你只能做（AJAX）请求到位于完全同一个域，在这种情况下，完全<$ C服务$ C> www.example.com （不可以 example.com - 没有 WWW - 或 whatever.example.com ）

在你的情况，你的Ajax code试图从位于 http://wordicious.com 服务> http://www.wordicious.com 。

虽然很相似，它们的不可以同一个域。而当他们不在同一个域，请求才会成功，如果目标的respose包含访问控制 - 允许 - 原产地头在里面。

随着网页/服务的 http://wordicious.com 从未配置为present这样的标题，显示该错误消息。

解决方法：

至于说，原产地（其中支持JavaScript的网页是在）和目标（其中JavaScript是试图达到）域必须在确切相同。

您的情况似乎是一个错字。貌似 http://wordicious.com 和 http://www.wordicious.com 实际上是在同一台服务器/域。因此，要解决，输入目标和源同样为让你的Ajax code的请求页/以 http://www.wordicious.com 服务不 http://wordicious.com 。 （也许将目标URL比较，如'/ login.php中，没有域）。

在一个更广泛的注意事项：

如果问题不是一个错字像这个问题的人似乎是，该解决方案是为添加访问控制 - 允许 - 原产地到目标域。添加它，取决于该地址后面的服务器/语言，当然。有时在工具配置变量会做的伎俩。其他时候，你就必须添加到$ C $的接头连接器C自己。

I'm using .htaccess to rewrite urls and I used html base tag in order to make it work.

Now, when I try to make an ajax request I get the following error:

XMLHttpRequest cannot load http://www.wordicious.com/login.php. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://wordicious.com' is therefore not allowed access.

解决方案

Why the error is raised:

JavaScript code is limited by the same-origin policy, meaning, from a page at www.example.com, you can only make (AJAX) requests to services located at exactly the same domain, in that case, exactly www.example.com (not example.com - without the www - or whatever.example.com).

In your case, your Ajax code is trying to reach a service in http://wordicious.com from a page located at http://www.wordicious.com.

Although very similar, they are not the same domain. And when they are not on the same domain, the request will only be successful if the target's respose contains a Access-Control-Allow-Origin header in it.

As your page/service at http://wordicious.com was never configured to present such header, that error message is shown.

Solution:

As said, the origin (where the page with JavaScript is at) and the target (where the JavaScript is trying to reach) domains must be the exact same.

Your case seems like a typo. Looks like http://wordicious.com and http://www.wordicious.com are actually the same server/domain. So to fix, type the target and the origin equally: make you Ajax code request pages/services to http://www.wordicious.com not http://wordicious.com. (Maybe place the target URL relatively, like '/login.php', without the domain).

On a more general note:

If the problem is not a typo like the one of this question seems to be, the solution would be to add the Access-Control-Allow-Origin to the target domain. To add it, depends, of course, of the server/language behind that address. Sometimes a configuration variable in the tool will do the trick. Other times you'll have to add the headers through code yourself.

这篇关于没有“访问控制 - 允许 - 原产地”标头的请求的资源present。原产地'...'，因此没有允许访问的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！