Javascript CORS 策略已阻止从源“http://localhost”访问“...”处的 XMLHttpRequest
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/55627247/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Access to XMLHttpRequest at '...' from origin 'http://localhost' has been blocked by CORS policy
提问by Tomato
I'm trying to demo an api call with javascript to get Json result. Here is what I did:
我正在尝试使用 javascript 演示 api 调用以获取 Json 结果。这是我所做的:
<!DOCTYPE html>
<html>
<head>
</head>
<script src="https://canvasjs.com/assets/script/jquery-1.11.1.min.js"></script>
<body>
<div class="render-form">
<script>
$(document).ready(function() {
$.ajax({
type: 'GET',
headers:{
'Accept': 'application/json',
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*'
},
url: 'http://127.0.0.1:8080/activiti-rest/service/form/form-data?taskId=21159',
dataType: 'json',
success: function (data) {
alert(JSON.stringify(data));
}
});
})
</script>
</div>
</body>
</html>
But when I run it, I got an error:
但是当我运行它时,我得到了一个错误:
Access to XMLHttpRequest at 'http://127.0.0.1:8080/activiti-rest/service/form/form-data?taskId=21159' from origin 'http://localhost' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
CORS 政策已阻止在“ http://127.0.0.1:8080/activiti-rest/service/form/form-data?taskId=21159”处访问 XMLHttpRequest来自源“ http://localhost”:响应预检请求未通过访问控制检查:请求的资源上不存在“Access-Control-Allow-Origin”标头。
After searching many post in here, I added:
在这里搜索了很多帖子后,我补充说:
headers:{
'Accept': 'application/json',
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': '*'
},
But it still not work with that error. How should I fix this?
Any reply would be very appreciate!
Thank you very much!
但它仍然无法处理该错误。我应该如何解决这个问题?
任何答复将不胜感激!
非常感谢!
回答by frzsombor
If you are running the Activiti framework on Tomcat, you can config CORS support in Tomcat via a filter. You need to add this filter to your web.xml file and configure it to match your requirements.
如果您在 Tomcat 上运行 Activiti 框架,您可以通过过滤器在 Tomcat 中配置 CORS 支持。您需要将此过滤器添加到您的 web.xml 文件并对其进行配置以符合您的要求。
Check Tomcat's documentation:
http://tomcat.apache.org/tomcat-8.0-doc/config/filter.html#CORS_Filter
检查Tomcat的文档:http:
//tomcat.apache.org/tomcat-8.0-doc/config/filter.html#CORS_Filter
Also please note:
另请注意:
- As @Quentin pointed out in a comment you are using a jQuery version that is 5 years old and dangerously out of date.
- The
Access-Control-Allow-Originheader you are using in your ajax request is a response header, not a request header, so it should be returned by the server in the response. You can't use response headers in a request.
- 正如@Quentin 在评论中指出的那样,您使用的 jQuery 版本已有 5 年历史,而且已经过时了。
Access-Control-Allow-Origin您在 ajax 请求中使用的标头是响应标头,而不是请求标头,因此它应该由服务器在响应中返回。您不能在请求中使用响应标头。
