重复访问控制 - 允许原产地:*导致COR错误? [英] Duplicate Access-Control-Allow-Origin: * causing COR error?

查看:448
本文介绍了重复访问控制 - 允许原产地:*导致COR错误?的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

从客户的网络API调用rest api,并返回重复的Access-Control-Allow-Origin:*并导致COR错误。

Calling a rest api from a customer's web api and it's returning duplicate Access-Control-Allow-Origin: * and it causing COR errors.

在本地,并且重复确实导致错误,而单个Access-Control-Allow-Origin:*工作。

I've tested locally and the duplicate does cause the error whereas a single Access-Control-Allow-Origin: * works.

调用GET时有从我身边的方法?

Is there a way around this from my side when calling the GET?

HTTP/1.1 200 OK
Date: Wed, 28 Nov 2012 19:40:10 GMT
Server: Microsoft-IIS/6.0
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Origin: *
Set-Cookie: TargetToken=AB3Hirk0TNDPCfVY6LZd1Fs1; Expires=Fri, 28-Nov-2014 19:40:10 G11T;       Path=/; HttpOnly
Cache-Control: no-cache
Pragma: no-cache
Expires: -1
Content-Type: application/xml; charset=utf-8
Content-Length: 590




XMLHttpRequest无法加载 http://target.com/api/getstuff?stuffid=4
来源 http://mysite.com 不允许通过
访问控制允许原始。

XMLHttpRequest cannot load http://target.com/api/getstuff?stuffid=4. Origin http://mysite.com is not allowed by Access-Control-Allow-Origin.


推荐答案

CORS规范明确规定多个Access-Control-Allow-不允许: http://www.w3.org/TR/cors /#resource-sharing-check-0

The CORS spec explicitly states that multiple Access-Control-Allow-Origin headers are not allowed: http://www.w3.org/TR/cors/#resource-sharing-check-0

有没有办法说服客户端修复他们的服务器实现?

Is there any way to convince the client to fix their server implementation?

这篇关于重复访问控制 - 允许原产地:*导致COR错误?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆