发表新帖
发表新帖

Origin is not allowed by Access-Control-Allow-Origin

后端 未结
关注
18 2790
北海茫月
北海茫月 2020-11-21 05:52

I\'m making an Ajax.request to a remote PHP server in a Sencha Touch 2 application (wrapped in PhoneGap).

The response from the server is the following:

相关标签:
18条回答
  • 南旧
    2020-11-21 05:55

    If you have an ASP.NET / ASP.NET MVC application, you can include this header via the Web.config file:

    <system.webServer>
  ...

    <httpProtocol>
        <customHeaders>
            <!-- Enable Cross Domain AJAX calls -->
            <remove name="Access-Control-Allow-Origin" />
            <add name="Access-Control-Allow-Origin" value="*" />
        </customHeaders>
    </httpProtocol>
</system.webServer>
    0 讨论(0)
  • 清酒与你
    2020-11-21 05:58

    I've run into this a few times when working with various APIs. Often a quick fix is to add "&callback=?" to the end of a string. Sometimes the ampersand has to be a character code, and sometimes a "?": "?callback=?" (see Forecast.io API Usage with jQuery)

    0 讨论(0)
  • 日久生厌
    2020-11-21 05:59

    You may make it work without modifiying the server by making the broswer including the header Access-Control-Allow-Origin: * in the HTTP OPTIONS' responses.

    In Chrome, use this extension. If you are on Mozilla check this answer.

    0 讨论(0)
  • 没有蜡笔的小新
    2020-11-21 06:03

    This was the first question/answer that popped up for me when trying to solve the same problem using ASP.NET MVC as the source of my data. I realize this doesn't solve the PHP question, but it is related enough to be valuable.

    I am using ASP.NET MVC. The blog post from Greg Brant worked for me. Ultimately, you create an attribute, [HttpHeaderAttribute("Access-Control-Allow-Origin", "*")], that you are able to add to controller actions.

    For example:

    public class HttpHeaderAttribute : ActionFilterAttribute
{
    public string Name { get; set; }
    public string Value { get; set; }
    public HttpHeaderAttribute(string name, string value)
    {
        Name = name;
        Value = value;
    }

    public override void OnResultExecuted(ResultExecutedContext filterContext)
    {
        filterContext.HttpContext.Response.AppendHeader(Name, Value);
        base.OnResultExecuted(filterContext);
    }
}

    And then using it with:

    [HttpHeaderAttribute("Access-Control-Allow-Origin", "*")]
public ActionResult MyVeryAvailableAction(string id)
{
    return Json( "Some public result" );
}
    0 讨论(0)
  • 既然无缘
    2020-11-21 06:03

    When you receive the request you can 

    var origin = (req.headers.origin || "*");

    than when you have to response go with something like that:

    res.writeHead(
    206,
    {
        'Access-Control-Allow-Credentials': true,
        'Access-Control-Allow-Origin': origin,
    }
);
    0 讨论(0)
  • 小蘑菇
    2020-11-21 06:04

    If you get this in Angular.js, then make sure you escape your port number like this:

    var Project = $resource(
    'http://localhost\\:5648/api/...', {'a':'b'}, {
        update: { method: 'PUT' }
    }
);

    See here for more info on it.

    0 讨论(0)
 看不清?
提交回复
热议问题