XMLHttpRequest无法加载网址。原点不允许由Access-Control-Allow-Origin [英] XMLHttpRequest cannot load URL. Origin not allowed by Access-Control-Allow-Origin
问题描述
我想创建一个使用来自其他域的xml数据的小型网站。 (天气数据来自Weather Underground:www.wunderground.com)。
I want to make a small website that uses xml data from another domain. (Weather data from Weather Underground: www.wunderground.com). I am using just html and javascript, and writing it all in Visual Studio Express 2012 for Web.
我发送和发送xml请求如下:
I make and send the xml request as follows:
url = "http://api.wunderground.com/api/3c6e3d838e217361/geolookup/conditions/forecast/q/51.11999893,-114.01999664.xml";
xmlhttp = new XMLHttpRequest();
xmlhttp.open("GET", url, false);
xmlhttp.send();
xmlDoc = xmlhttp.responseXML;
问题是,我在Google Chrome(版本29.0.1547.66)开发人员控制台中收到以下错误:
The problem is that I get the following error in the Google Chrome (version 29.0.1547.66) developer console:
XMLHttpRequest cannot load http://api.wunderground.com/api/3c6e3d838e217361/geolookup/conditions/forecast/q/51.11999893,-114.01999664.xml. Origin http://localhost:49933 is not allowed by Access-Control-Allow-Origin.
或在Internet Explorer(版本10.0.8)控制台上:
Or this on Internet Explorer (version 10.0.8) console:
SEC7118: XMLHttpRequest for http://api.wunderground.com/api/3c6e3d838e217361/geolookup/conditions/forecast/q/51.11999893,-114.01999664.xml required Cross Origin Resource Sharing (CORS).
据我所知,CORS(http://enable-cors.org/ )需要客户端和服务器都努力工作。我想假设Weather Underground API知道它正在做什么,并已经适当地启用了事情,例如将响应头设置为包括Access-Control-Allow-Origin:*,并且我知道我得到相同的问题我尝试使用另一个API提供程序(世界天气在线)相同的代码。所以我认为这是我应该能够解决在我的客户端代码。
另一个SO答案,建议是修复服务器端头:
CORS with XMLHttpRequest
As I understand it, CORS (http://enable-cors.org/) needs effort by both the client and the server to work. I want to assume that the Weather Underground API knows what it is doing and has enabled things appropriately, such as setting the response header to include 'Access-Control-Allow-Origin: *', and I know that I get the same problems when I try the same code using another API provider (World Weather Online). So I think this is something I should be able to fix in my client code. Another SO answer where the suggestion is to fix the server-side header: CORS with XMLHttpRequest
我试图找到答案,但不理解文章:
http://dev.opera.com/articles/view/dom-access-control-using-cross-原始资源共享/
http://saltybeagle.com / 2009/09 / cross-origin-resource-sharing-demo /
I have tried to find answers, but don't understand articles such as: http://dev.opera.com/articles/view/dom-access-control-using-cross-origin-resource-sharing/ http://saltybeagle.com/2009/09/cross-origin-resource-sharing-demo/
推荐答案
http://api.jquery.com/jQuery.ajax/rel =nofollow> Ajax with JSONP if you want in jquery
Use Ajax with JSONP if you want in jquery
对于javascript请参阅 http://developer.chrome.com/extensions/xhr.html 和 http ://www.leggetter.co.uk/2010/03/12/making-cross-domain-javascript-requests-using-xmlhttprequest-or-xdomainrequest.html
For javascript see here , http://developer.chrome.com/extensions/xhr.html and http://www.leggetter.co.uk/2010/03/12/making-cross-domain-javascript-requests-using-xmlhttprequest-or-xdomainrequest.html
使用 .json 格式数据,而不是 .xml ,使您的应用程序更简单,更快速,即 http://api.wunderground.com/api/3c6e3d838e217361/geolookup/conditions/forecast/q/51.11999893, -114.01999664.json
Use .json format data rather than .xml to make your application simpler and faster i.e http://api.wunderground.com/api/3c6e3d838e217361/geolookup/conditions/forecast/q/51.11999893,-114.01999664.json
这篇关于XMLHttpRequest无法加载网址。原点不允许由Access-Control-Allow-Origin的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
