发表新帖
发表新帖

Origin is not allowed by Access-Control-Allow-Origin

后端 未结
关注
18 2792
北海茫月
北海茫月 2020-11-21 05:52

I\'m making an Ajax.request to a remote PHP server in a Sencha Touch 2 application (wrapped in PhoneGap).

The response from the server is the following:

相关标签:
18条回答
  • 隐瞒了意图╮
    2020-11-21 06:08

    We also have same problem with phonegap application tested in chrome. One windows machine we use below batch file everyday before Opening Chrome. Remember before running this you need to clean all instance of chrome from task manager or you can select chrome to not to run in background.

    BATCH: (use cmd)

    cd D:\Program Files (x86)\Google\Chrome\Application\chrome.exe --disable-web-security
    0 讨论(0)
  • 轻奢々
    2020-11-21 06:09

    If you don't have control of the server, you can simply add this argument to your Chrome launcher: --disable-web-security.

    Note that I wouldn't use this for normal "web surfing". For reference, see this post: Disable same origin policy in Chrome.

    One you use Phonegap to actually build the application and load it onto the device, this won't be an issue.

    0 讨论(0)
  • 有刺的猬
    2020-11-21 06:10

    In Ruby Sinatra

    response['Access-Control-Allow-Origin'] = '*'

    for everyone or

    response['Access-Control-Allow-Origin'] = 'http://yourdomain.name'
    0 讨论(0)
  • 被撕碎了的回忆
    2020-11-21 06:13

    This is because of same-origin policy. See more at Mozilla Developer Network or Wikipedia.

    Basically, in your example, you need load the http://nqatalog.negroesquisso.pt/login.php page only from nqatalog.negroesquisso.pt, not localhost.

    0 讨论(0)
  • 萌比男神i
    2020-11-21 06:14

    This might be handy for anyone who needs to an exception for both 'www' and 'non-www' versions of a referrer:

     $referrer = $_SERVER['HTTP_REFERER'];
 $parts = parse_url($referrer);
 $domain = $parts['host'];

 if($domain == 'google.com')
 {
         header('Access-Control-Allow-Origin: http://google.com');
 }
 else if($domain == 'www.google.com')
 {
         header('Access-Control-Allow-Origin: http://www.google.com');
 }
    0 讨论(0)
  • 误落风尘
    2020-11-21 06:16

    I will give you a simple solution for this one. In my case I don't have access to a server. In that case you can change the security policy in your Google Chrome browser to allow Access-Control-Allow-Origin. This is very simple:

    1. Create a Chrome browser shortcut
    2. Right click short cut icon -> Properties -> Shortcut -> Target

    Simple paste in "C:\Program Files\Google\Chrome\Application\chrome.exe" --allow-file-access-from-files --disable-web-security.

    The location may differ. Now open Chrome by clicking on that shortcut.

    0 讨论(0)
 看不清?
提交回复
热议问题