错误:使用 JQuery 的 ajax 方法加载 XML 文件时,“Access-Control-Allow-Origin 不允许使用 Origin null”
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/5396527/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Error: "Origin null is not allowed by Access-Control-Allow-Origin" when loading an XML file with JQuery's ajax method
提问by eabait
This is my code:
这是我的代码:
this.loadMap = function () {
this._map = null;
this._width = 0;
this._height = 0;
this._playerX = 0;
this._playerY = 0;
this.finished = false;
this.loaded = false;
$.ajax({
type: "GET",
url: "maze1.xml",
dataType: "xml",
success: this.parseXmlMap,
context: this
});
};
The error i'm getting is
我得到的错误是
"XMLHttpRequest cannot load file:///C:/wamp/www/mazegame/maze1.xml. Origin null is not allowed by Access-Control-Allow-Origin".
“XMLHttpRequest 无法加载 file:///C:/wamp/www/mazegame/maze1.xml。Access-Control-Allow-Origin 不允许 Origin null”。
This same script works fine in Firefox
同样的脚本在 Firefox 中运行良好
回答by Michael McTiernan
You're testing this in Chrome? What's basically happening is because you're loading the file from your filesystem instead of from a server, Chrome is setting your origin to nulleven though the resource you're requesting is local to you. If you were to do this from an HTTP server such as Apache, I think it would work just fine.
你在 Chrome 中测试这个?基本上发生的事情是因为您从文件系统而不是从服务器加载文件,Chrome 会将您的来源设置为null即使您请求的资源对您来说是本地的。如果您要从 Apache 等 HTTP 服务器执行此操作,我认为它会工作得很好。
回答by Juggernaut
Yes, Google in their blessed wisdom decided that Chrome will not permit an access to local files for rather obscure security reasons. Every two local files are considered as if they were from different domains, and accessing a local file is considered a cross-site request.
是的,谷歌凭着他们的智慧决定,出于相当模糊的安全原因,Chrome 将不允许访问本地文件。每两个本地文件都被视为来自不同的域,访问本地文件被视为跨站点请求。
There is a workaround, but useful only in some situations: If you can run Chrome with a command line parameter --allow-file-access-from-files, the security check will not be done.
有一种解决方法,但仅在某些情况下有用:如果您可以使用命令行参数运行 Chrome,--allow-file-access-from-files则不会进行安全检查。
回答by user1052313
I had this same issue with Chrome (Version 20.0.1132.57) and using --allow-file-access-from-files didn't work for me (on Ubuntu 12.04).
我在 Chrome(版本 20.0.1132.57)上遇到了同样的问题,并且使用 --allow-file-access-from-files 对我不起作用(在 Ubuntu 12.04 上)。
But, using the command python -m SimpleHTTPServerin the directory that holds the localfiles I'm trying to test with allows me to work around the problem. That command launches an HTTP server that serves the current directory tree at http://localhost:8000/
但是,python -m SimpleHTTPServer在包含我尝试测试的本地文件的目录中使用该命令可以解决该问题。该命令启动一个 HTTP 服务器,该服务器为当前目录树提供服务http://localhost:8000/
So, if I have a file test.html that uses an ajax call for a file in the same dir I can use http://localhost:8000/test.htmland Chrome will be ok with it. For me, this is fine for local dev/testing.
因此,如果我有一个文件 test.html 使用 ajax 调用我可以使用的同一目录中的文件,那么http://localhost:8000/test.htmlChrome 将可以使用它。对我来说,这对于本地开发/测试来说很好。
I came across that command on www.commandlinefu.com.
我在www.commandlinefu.com上遇到了该命令。
回答by jwerre
Just to reiterate what Paul & Juggernaut said:
只是重申一下 Paul & Juggernaut 所说的:
In OSX open terminal and paste this command
在 OSX 打开终端并粘贴此命令
/Applications/Google\ Chrome.app/Contents/MacOS/Google\ Chrome --allow-file-access-from-files
回答by Aung Zan Baw
You try to access both web page and resources file as file route file:///
您尝试以文件路径 file:/// 的形式访问网页和资源文件
You can do following in OSX
您可以在 OSX 中执行以下操作
open /Applications/Google\ Chrome.app --args --allow-file-access-from-files
try to request web page with local server (http://localhost/your_website.html)
尝试使用本地服务器(http://localhost/your_website.html)请求网页
read more about cross site and iFrame at http://weblog.bocoup.com/third-party-javascript-development-future/
在http://weblog.bocoup.com/third-party-javascript-development-future/阅读有关跨站点和 iFrame 的更多信息
