You're running into CORS issues.

您遇到了 CORS 问题。

Some possible causes:

一些可能的原因：

• The header Access-Control-Allow-Origincan only be set on server side, not in your clients script. (You did not make clear you did that correctly.)
• Are you sure the protocol (httpvs httpsvs maybe even file) is exactly the same?
• If you may have multiple sub domains you need to setup your config (e.g. Apache) with something like "^http(s)?://(.+\.)?test\.com$.
  The ^marks the start of the line to prevent anything preceeding this url. You need a protocol and allowing both here. A subdomain is optional. And the $marks the end of line (you don't need to set sub-pages, because origin is only host based).
• As stated hereadding Access-Control-Allow-Headers: Originto the server configuration as well may be a solution. Try to compare the actual requests made my Safari to the successfull requests done by Firefox or Chrome to spot possible missing Headers as well (and maybe compare them to your server configuration as well).

• 标头Access-Control-Allow-Origin只能在服务器端设置，而不能在您的客户端脚本中设置。（您没有明确表示您这样做是正确的。）
• 您确定协议（httpvs httpsvs 甚至可能file）完全相同吗？
• 如果您可能有多个子域，则需要使用类似"^http(s)?://(.+\.)?test\.com$.
  该^标记在该行的开始，以防止任何前述这个网址。您需要一个协议并在此处允许两者。子域是可选的。并$标记行尾（您不需要设置子页面，因为来源仅基于主机）。
• 正如此处所述，添加Access-Control-Allow-Headers: Origin到服务器配置也可能是一种解决方案。尝试将我的 Safari 发出的实际请求与 Firefox 或 Chrome 完成的成功请求进行比较，以发现可能丢失的标头（也可能将它们与您的服务器配置进行比较）。

Trying following might work -

尝试以下可能有效 -

Access-Control-Allow-Origin: <origin> | *

If anyone comes across this error, it just occurred in the application I was building. In my case, it turned out to be a trailing / in the uri, which caused a 301 response, which was for some reason interpreted by Safari as a 500 response.

如果有人遇到这个错误，它只是发生在我正在构建的应用程序中。就我而言，结果是 uri 中的尾随 /，导致 301 响应，出于某种原因，Safari 将其解释为 500 响应。

The problem is because it is necessary to be more specific in the data of the cors this does not happen in the other operating systems that do interpret it

问题是因为有必要在 cors 的数据中更加具体，这在其他解释它的操作系统中不会发生

This one worked for me for a back in php

这个对我有用，可以帮助我回到 php

header ("Access-Control-Allow-Headers: X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method");
header ("Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE");
header ("Allow: GET, POST, OPTIONS, PUT, DELETE");
$ method = $ _SERVER ['REQUEST_METHOD'];
if ($ method == "OPTIONS") {
???? die ();
}

Your server needs to reply to the OPTIONS http method. Not only to GET/POST/PUT/DELETE. Safari silently requests this hidden in the background. You can discover this with a MITM-attack on the connection, e.g. Fiddler.

您的服务器需要回复 OPTIONS http 方法。不仅要 GET/POST/PUT/DELETE。Safari 悄悄地请求隐藏在后台。您可以通过对连接的 MITM 攻击来发现这一点，例如Fiddler。

The OPTIONS request at least needs to respond with the Cross-Origin Resource Sharing (CORS) headers, e.g.:

OPTIONS 请求至少需要响应跨域资源共享 (CORS) 标头，例如：

• Access-Control-Allow-Headers
• Access-Control-Allow-Methods
• Access-Control-Allow-Origin

• 访问控制允许标题
• 访问控制允许方法
• 访问控制允许来源

Additionally: Your Web Application Firewall (WAF) or Application Security Manager (ASM) needs to allow the OPTIONS request to pass through to your server. Often this is blocked by default, because it gives some slivers of information about the attack surface variables (http methods & headers) used by your API.

此外：您的 Web 应用程序防火墙 (WAF) 或应用程序安全管理器 (ASM) 需要允许 OPTIONS 请求传递到您的服务器。这通常在默认情况下被阻止，因为它提供了有关 API 使用的攻击面变量（http 方法和标头）的一些信息。