php 错误:请求的资源上不存在“Access-Control-Allow-Origin”标头
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/33750748/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Error: No 'Access-Control-Allow-Origin' header is present on the requested resource
提问by Sanjiban Bairagya
I have two systems helpdesk.ops.something.inand dev1.ops.something.in
我有两个系统helpdesk.ops.something.in和dev1.ops.something.in
I have a file fetchP.phpin helpdesk.ops whose code goes something like this:
我fetchP.php在 helpdesk.ops 中有一个文件,它的代码是这样的:
<?php
header('Access-Control-Allow-Origin: *');
<script type="text/javascript" src="https://ajax.googleapis.com/ajax/libs/jquery/2.1.3/jquery.min.js"></script>
<script type="text/javascript">
function someFunc(item) {
$.ajax({method:"GET",
url:"http://dev1.ops.something.in/wallet/createurl.php?phone="+item,
success:function(response){
console.log(response);
}
});
};
</script>';
<?php
echo '<div id="callToWallet" class="sample-button" onclick="someFunc(911234567890);"><a href="#"> Click here</a></div>';
which is doing a GET request to a file createurl.phppresent in the dev1.ops, which goes something like this:
它正在createurl.php对 dev1.ops 中存在的文件执行 GET 请求,它是这样的:
<?php
header('Access-Control-Allow-Origin: *');?>
<script>response.addHeader("Access-Control-Allow-Origin", "*");</script>
<?php
// the rest of the code
?>
But on executing, the GET request is not successful, and I am getting error:
但是在执行时,GET 请求不成功,并且出现错误:
XMLHttpRequest cannot load http://dev1.ops.something.in/wallet/createurl.php?phone=911234567890. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://helpdesk.ops.something.in' is therefore not allowed access. The response had HTTP status code 500.
XMLHttpRequest cannot load http://dev1.ops.something.in/wallet/createurl.php?phone=911234567890. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://helpdesk.ops.something.in' is therefore not allowed access. The response had HTTP status code 500.
What am I missing?
我错过了什么?
回答by Padarom
Even with the Access-Control-Allow-Originheader set, a XMLHttpRequest cannot request ressources on domains that are different from the one of your current domain (this is due to the same-origin policy).
即使Access-Control-Allow-Origin设置了标头, XMLHttpRequest 也无法请求与当前域不同的域上的资源(这是由于同源策略)。
One way you could try to get around it is to use JSONP. Here's a simple and rudimentary example:
您可以尝试绕过它的一种方法是使用JSONP。这是一个简单而基本的例子:
fetchP.php(Ajax call):
fetchP.php(Ajax 调用):
function someFunc(item) {
$.ajax({
method: "GET",
data: { phone: item },
url: "http://localhost:2512/createurl.php",
success: function(response){
console.log(response);
},
dataType: "jsonp",
});
};
createurl.php:
createurl.php:
<?php
header('Access-Control-Allow-Origin: *');
$data = ["foo" => "bar", "bar" => "baz"];
$json = json_encode($data);
$functionName = $_GET['callback'];
echo "$functionName($json);";
?>
Example output of the createurl.phpon an ajax request:
createurl.phpajax 请求的输出示例:
jQuery2130388456100365147_1447744407137({"foo":"bar","bar":"baz"});
jQuery then executes the defined function and calls the defined successmethod on the given parameters (JSON in this case).
然后 jQuery 执行定义的函数并调用success给定参数(在本例中为 JSON)的定义方法。
