问题
i am getting the error of XMLHttpRequest cannot load, No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://abc' is therefore not allowed access.. i am very new in php and codeigniter and so i cannot really understand what is going on. i tried reading other materials here in stackoverflow but it just left me blank. I am sorry if this is a duplicate post to you but I really need help.
here is the ajax call for the view:
$("#btnLoginFB").click(function()
{
$.ajax({
type: "POST",
url: '<?php echo base_url();?>Main/login',
data: {domain:'FB'},
dataType: "text",
cache:false,
success:
function(output_string){
alert(output_string);
}
});
return false;
});
and here is the functions in the controller
public function login()
{
$domain = $this->input->post('domain');
$get_domain = $this->input->get('domain');
$get_token = $this->input->get('token');
if ((!empty($get_domain)) && (!empty($get_token)))
{
$this->getmasterid();
}
else
{
$this->getticket($domain);
}
}
public function getsomething($domain)
{
if (isset($domain))
{
switch ($domain)
{
case 'PP':
$this->session->set_userdata('servcode','pp.login');
$this->session->set_userdata('servsiggy','adgjanlnadgakjdbakg');
$this->session->set_userdata('domain','pp');
break;
case 'FB':
$this->session->set_userdata('servcode','fb.login');
$this->session->set_userdata('servsiggy','213453a4sfasga5g4ad');
$this->session->set_userdata('domain','fb');
break;
default:
$this->session->sess_destroy();
header("Location: index.php");
break;
}
$this->session->set_userdata('clientpaddr', $this->input->server('REMOTE_ADDR'));
$this->session->set_userdata('partcode', 'abc');
$this->session->set_userdata('command', 'initialize-something');
$this->session->set_userdata('layout', 'deflt');
$this->session->set_userdata('title', 'pp login');
$this->session->set_userdata('captcha', 'false');
$this->session->set_userdata('keys', 'false');
$this->session->set_userdata('returnurl', 'https://mywebsite.game.com/login.php');
$this->session->set_userdata('cancelurl', 'https://mywebsite.game.com/cancel.php');
$this->session->set_userdata('sendurl', 'http://192.168.0.1/authenticate/green/api.ashx');
}
else
{
$this->session->sess_destroy();
header("Location: index.php");
}
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $this->session->userdata('sendurl'));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, true);
$data = array(
'part_code' => $this->session->userdata('partcode'),
'serv_code' => $this->session->userdata('servcode'),
'serv_siggy' => $this->session->userdata('servsiggy'),
'command' => $this->session->userdata('command'),
'ip' => $this->session->userdata('clientpaddr'),
'domain' => $this->session->userdata('domain'),
'layout' => $this->session->userdata('layout'),
'required_captcha' => $this->session->userdata('captcha'),
'required_keys' => $this->session->userdata('keys'),
'return_url' => $this->session->userdata('returnurl'),
'cancel_url' => $this->session->userdata('cancelurl')
);
curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
$output = curl_exec($ch);
curl_close($ch);
$output = explode("&", $output);
$redirect_url= urldecode($output[4]);
$str_len_cut = strlen("redirect_url=");
$result_url = substr($redirect_url,$str_len_cut);
header('Location: '.$result_url);
}
回答1:
In the controller, set Access-Control-Allow-Origin at the top of your php script to the expected value of the origin header, the domain your ajax calls from:
header('Access-Control-Allow-Origin: abc');
Or if you never use credentials and don't care where the request comes from, just use a wildcard:
header('Access-Control-Allow-Origin: *');
update 2015-07-13 12:34 +0000
Disclaimer
I think I failed to properly consider that this was done under codeigniter and it now seems to me this answer is pretty poor.
回答2:
I was also facing same problem. please keep in mind you have to put
header('Access-Control-Allow-Origin: *');
in other side.
For example, you are requesting ajax from
http://example.net
to http://example2.net/login
so you have to put above code at http://example2.net/login
files.
回答3:
In codeigniter the way to do this is using the output class. So you would put this in your controller wherever you need this.
$this->output
->set_header('Access-Control-Allow-Origin: some-origin')
->set_header('Access-Control-Allow-Methods: GET, OPTIONS')
As a side note: it is generally bad practise to set your Access-Control-Allow-Origin:
to *
unless you really want to allow request from any domain. Otherwise it would be more secure to only allow requests from the domain(s) you are running your app on. More on this matter here.
来源:https://stackoverflow.com/questions/31332202/error-access-control-allow-origin-header-on-codeigniter