CORS - 跨域AJAX没有JSONP通过允许服务器上的原点 [英] CORS - Cross-Domain AJAX Without JSONP By Allowing Origin On Server
问题描述
我在同一个伺服器上有两个不同的应用程式,而EmberJS尝试对我的后端API执行跨网域呼叫。
我设定了我的后端API以允许来自该特定来源的跨网域请求。有没有办法,以避免使用JSONP这样的设置? $。ajax 在发送之前阻止跨域请求。如果没有,CORS的点是什么,服务器端我实现了接受我的JS前端源的请求?
EDIT
AJAX要求:
$。ajax({
url:api.lvh.me:3000/accounts/login,
data:cred,
type:POST,
xhrFields:{
withCredentials:true
},
success:function(response){
alert('succeeded!');
console.log(response);
alert b $ b},
failure:function(message){
alert(failed);
console.log(message);
alert b}
});
如果启用CORS,则不需要使用JSONP 。
Access-Control-Allow-Origin:http://www.example.com
如果在响应中设置了此标头,则正常的XmlHttpRequest将能够像访问同样的域一样访问响应。检查此标头是否设置正确。
我希望这个链接会帮助你,如果你使用jquery - > - > - > - / p> 更新: 在任何网域尝试此操作,您都会收到回复。 更新解决方案: 请求没有http://的网址导致问题, I have two separate apps on the same server, with the EmberJS one trying to do cross-domain calls to my backend API. I set up my backend API to allow cross-domain requests from that specific origin. Is there a way however, to avoid using JSONP with such a set up? EDIT AJAX request:
There is no need to use JSONP if you enable CORS. if this header is set in the response, then normal XmlHttpRequest will be able to access the response as if it is like same domain. Check whether this header is set correctly. I hope that this link will help you if you are using jquery A CORS POST request works from plain javascript, but why not with jQuery? Update:
Example Try this in any domain, you will get response. Update solution: Request url without "http://" caused the problem, prepending "http://" solved the issue 这篇关于CORS - 跨域AJAX没有JSONP通过允许服务器上的原点的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
示例
var xmlhttp = new XMLHttpRequest ();
var url =https://developer.mozilla.org/en-US/docs/HTTP/Access_control_CORS?redirectlocale=en-US&redirectslug=HTTP_access_control;
xmlhttp.open(GET,url,false);
xmlhttp.setRequestHeader(Content-Type,application / x-www-form-urlencoded; charset = UTF-8);
xmlhttp.send();
$.ajax is blocking cross-domain requests before they ever get sent. If not, what is the point of CORS, which server-side I had implemented to accept requests from my JS front-end source?$.ajax({
url: "api.lvh.me:3000/accounts/login",
data: cred,
type: "POST",
xhrFields: {
withCredentials: true
},
success: function(response){
alert('succeeded!');
console.log(response);
alert(response);
},
failure: function(message){
alert("failed");
console.log(message);
alert(message);
}
});
Access-Control-Allow-Origin: http://www.example.com
var xmlhttp= new XMLHttpRequest();
var url="https://developer.mozilla.org/en-US/docs/HTTP/Access_control_CORS?redirectlocale=en-US&redirectslug=HTTP_access_control";
xmlhttp.open("GET",url,false);
xmlhttp.setRequestHeader("Content-Type", "application/x-www-form-urlencoded; charset=UTF-8");
xmlhttp.send();
