Python 同一个域上的 CORS 错误?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/19966707/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
CORS error on same domain?
提问by Mr_Pouet
I'm running into a weird CORS issue right now.
我现在遇到了一个奇怪的 CORS 问题。
Here's the error message:
这是错误消息:
XMLHttpRequest cannot load http://localhost:8666/routeREST/select?q=[...]
Origin http://localhost:8080 is not allowed by Access-Control-Allow-Origin
Two servers:
两台服务器:
- localhost:8666/routeREST/ : this is a simple Python Bottle server.
- localhost:8080/ : Python simpleHTTPserver where I run y Javascript application. This app is executing Ajax requests on the server above.
- localhost:8666/routeREST/ :这是一个简单的 Python Bottle 服务器。
- localhost:8080/ : Python simpleHTTPserver,我在其中运行 y Javascript 应用程序。这个应用程序正在上面的服务器上执行 Ajax 请求。
Any thought on what could be the problem?
有没有想过可能是什么问题?
EDIT:
编辑:
And... the port was the problem. Thanks for your answers :)
而且......端口是问题所在。感谢您的回答:)
If anyone is using a Python bottle server as well, you can follow the answer given on this post to solve the CORS issue: Bottle Py: Enabling CORS for jQuery AJAX requests
如果有人也在使用 Python Bottle服务器,您可以按照这篇文章中给出的答案来解决 CORS 问题: Bottle Py: Enabling CORS for jQuery AJAX requests
采纳答案by some
It is only considered to be the same if the protocol, hostandportis the same: Same Origin Policy
只有协议、主机和端口相同时才认为相同:同源策略
If you want to enable it you must follow Cross-Origin Resource Sharing (cors)by adding headers. Mozilla has examples
如果要启用它,则必须通过添加标头来遵循跨源资源共享 (cors)。Mozilla 有例子
You need to add Access-Control-Allow-Origin as a header in your response. To allow everyone (you should probably NOTdo that):
您需要在响应中添加 Access-Control-Allow-Origin 作为标头。为了让所有人(你可能不应该这样做):
Access-Control-Allow-Origin: *
If you need to support multiple origins (for example both example.comand www.example.com), set the Access-Control-Allow-Originin your reply to the value of the Origin-header from the request (after you verified that the Origin is white-listed.)
如果您需要支持多个来源(例如example.com和www.example.com),请Access-Control-Allow-Origin在您的回复中将 设置Origin为请求中 -header的值(在您确认 Origin 被列入白名单之后。)
Also note that some requests send a preflight-request, with an OPTION-method, so if you write your own code you must handle those requests too. See Mozilla for examples.
另请注意,某些请求会使用 OPTION 方法发送预检请求,因此如果您编写自己的代码,您也必须处理这些请求。有关示例,请参阅 Mozilla 。
回答by jcarpenter2
The port numbers are different.
端口号不同。
A request is considered cross-domain if any of the scheme, hostname, or port do not match.
如果任何方案、主机名或端口不匹配,则请求被视为跨域。
