error Access-Control-Allow-Origin header on codeigniter

自闭症网瘾萝莉.ら 提交于 2020-05-12 01:54:49

问题


i am getting the error of XMLHttpRequest cannot load, No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://abc' is therefore not allowed access.. i am very new in php and codeigniter and so i cannot really understand what is going on. i tried reading other materials here in stackoverflow but it just left me blank. I am sorry if this is a duplicate post to you but I really need help.

here is the ajax call for the view:

$("#btnLoginFB").click(function()
{       
$.ajax({
     type: "POST",
     url: '<?php echo base_url();?>Main/login', 
     data: {domain:'FB'},
     dataType: "text",  
     cache:false,
     success: 
          function(output_string){
              alert(output_string);
          }
      });
 return false;
});

and here is the functions in the controller

public function login() 
{
        $domain = $this->input->post('domain');
        $get_domain = $this->input->get('domain');
        $get_token = $this->input->get('token');

        if ((!empty($get_domain)) && (!empty($get_token)))
        {   
            $this->getmasterid();       
        }
        else
        {
            $this->getticket($domain);
        }
}

public function getsomething($domain)
{

    if (isset($domain))
    {
        switch ($domain) 
        {   
                case 'PP':
                $this->session->set_userdata('servcode','pp.login');
                $this->session->set_userdata('servsiggy','adgjanlnadgakjdbakg');
                $this->session->set_userdata('domain','pp');
                break;
            case 'FB':
                $this->session->set_userdata('servcode','fb.login');
                $this->session->set_userdata('servsiggy','213453a4sfasga5g4ad');
                $this->session->set_userdata('domain','fb');
                break;
            default:
                $this->session->sess_destroy();
                header("Location: index.php");
                break;
        }

        $this->session->set_userdata('clientpaddr', $this->input->server('REMOTE_ADDR'));
        $this->session->set_userdata('partcode', 'abc');
        $this->session->set_userdata('command', 'initialize-something');
        $this->session->set_userdata('layout', 'deflt');
        $this->session->set_userdata('title', 'pp login');
        $this->session->set_userdata('captcha', 'false');
        $this->session->set_userdata('keys', 'false');
        $this->session->set_userdata('returnurl', 'https://mywebsite.game.com/login.php');
        $this->session->set_userdata('cancelurl', 'https://mywebsite.game.com/cancel.php');
        $this->session->set_userdata('sendurl', 'http://192.168.0.1/authenticate/green/api.ashx');

    }
    else
    {
        $this->session->sess_destroy();
        header("Location: index.php");
    }

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $this->session->userdata('sendurl'));
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_POST, true);

    $data = array(
       'part_code' => $this->session->userdata('partcode'),
       'serv_code' => $this->session->userdata('servcode'),
       'serv_siggy' => $this->session->userdata('servsiggy'),
       'command' => $this->session->userdata('command'),
       'ip' => $this->session->userdata('clientpaddr'),
       'domain' => $this->session->userdata('domain'),
       'layout' => $this->session->userdata('layout'),
       'required_captcha' => $this->session->userdata('captcha'),
       'required_keys' => $this->session->userdata('keys'),
       'return_url' => $this->session->userdata('returnurl'),
       'cancel_url' => $this->session->userdata('cancelurl')
    );

    curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
    $output = curl_exec($ch);
    curl_close($ch);

    $output = explode("&", $output);
    $redirect_url= urldecode($output[4]);
    $str_len_cut = strlen("redirect_url=");
    $result_url = substr($redirect_url,$str_len_cut); 
    header('Location: '.$result_url); 
}

回答1:


In the controller, set Access-Control-Allow-Origin at the top of your php script to the expected value of the origin header, the domain your ajax calls from:

header('Access-Control-Allow-Origin: abc');

Or if you never use credentials and don't care where the request comes from, just use a wildcard:

header('Access-Control-Allow-Origin: *');

update 2015-07-13 12:34 +0000

Disclaimer
I think I failed to properly consider that this was done under codeigniter and it now seems to me this answer is pretty poor.




回答2:


I was also facing same problem. please keep in mind you have to put

header('Access-Control-Allow-Origin: *');

in other side.

For example, you are requesting ajax from

http://example.net

to http://example2.net/login so you have to put above code at http://example2.net/login files.




回答3:


In codeigniter the way to do this is using the output class. So you would put this in your controller wherever you need this.

$this->output
    ->set_header('Access-Control-Allow-Origin: some-origin')
    ->set_header('Access-Control-Allow-Methods: GET, OPTIONS')

As a side note: it is generally bad practise to set your Access-Control-Allow-Origin: to * unless you really want to allow request from any domain. Otherwise it would be more secure to only allow requests from the domain(s) you are running your app on. More on this matter here.



来源:https://stackoverflow.com/questions/31332202/error-access-control-allow-origin-header-on-codeigniter

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!