没有“访问控制 - 允许 - 原产地”标头的请求的资源present。原产地'...',因此没有允许访问 [英] No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin '...' is therefore not allowed access
问题描述
我使用的.htaccess重写URL和我为了使其工作使用HTML基标记。
现在,当我试图让我得到以下错误的Ajax请求:
XMLHtt prequest无法加载 http://www.wordicious.com/login.php 。没有访问控制 - 允许 - 原产地标头的请求的资源present。原产地 http://wordicious.com ,因此不允许访问。
为什么产生错误:
JavaScript的code是由同源策略,意义有限,从页面的 www.example.com
,你只能做(AJAX)请求到位于完全同一个域,在这种情况下,完全<$ C服务$ C> www.example.com (不可以 example.com
- 没有 WWW
- 或 whatever.example.com
)
在你的情况,你的Ajax code试图从位于 http://wordicious.com
服务> http://www.wordicious.com 。
虽然很相似,它们的不可以同一个域。而当他们不在同一个域,请求才会成功,如果目标的respose包含访问控制 - 允许 - 原产地
头在里面。
随着网页/服务的 http://wordicious.com
从未配置为present这样的标题,显示该错误消息。
解决方法:
至于说,原产地(其中支持JavaScript的网页是在)和目标(其中JavaScript是试图达到)域必须在确切相同。
您的情况似乎是一个错字。貌似 http://wordicious.com
和 http://www.wordicious.com
实际上是在同一台服务器/域。因此,要解决,输入目标和源同样为让你的Ajax code的请求页/以 http://www.wordicious.com
服务不 http://wordicious.com
。 (也许将目标URL比较,如'/ login.php中
,没有域)。
在一个更广泛的注意事项:
如果问题不是一个错字像这个问题的人似乎是,该解决方案是为添加访问控制 - 允许 - 原产地
到目标域。添加它,取决于该地址后面的服务器/语言,当然。有时在工具配置变量会做的伎俩。其他时候,你就必须添加到$ C $的接头连接器C自己。
I'm using .htaccess to rewrite urls and I used html base tag in order to make it work.
Now, when I try to make an ajax request I get the following error:
XMLHttpRequest cannot load http://www.wordicious.com/login.php. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://wordicious.com' is therefore not allowed access.
Why the error is raised:
JavaScript code is limited by the same-origin policy, meaning, from a page at www.example.com
, you can only make (AJAX) requests to services located at exactly the same domain, in that case, exactly www.example.com
(not example.com
- without the www
- or whatever.example.com
).
In your case, your Ajax code is trying to reach a service in http://wordicious.com
from a page located at http://www.wordicious.com
.
Although very similar, they are not the same domain. And when they are not on the same domain, the request will only be successful if the target's respose contains a Access-Control-Allow-Origin
header in it.
As your page/service at http://wordicious.com
was never configured to present such header, that error message is shown.
Solution:
As said, the origin (where the page with JavaScript is at) and the target (where the JavaScript is trying to reach) domains must be the exact same.
Your case seems like a typo. Looks like http://wordicious.com
and http://www.wordicious.com
are actually the same server/domain. So to fix, type the target and the origin equally: make you Ajax code request pages/services to http://www.wordicious.com
not http://wordicious.com
. (Maybe place the target URL relatively, like '/login.php'
, without the domain).
On a more general note:
If the problem is not a typo like the one of this question seems to be, the solution would be to add the Access-Control-Allow-Origin
to the target domain. To add it, depends, of course, of the server/language behind that address. Sometimes a configuration variable in the tool will do the trick. Other times you'll have to add the headers through code yourself.
这篇关于没有“访问控制 - 允许 - 原产地”标头的请求的资源present。原产地'...',因此没有允许访问的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!