ajax 允许 Safari 和 Chrome 中的跨域请求?服务器响应与命令行参数
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/8679736/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Allowing cross-domain requests in Safari and Chrome? Server response vs. command line arguments
提问by CEGRD
I am trying to make cross-domain requests with Safari on Windows. My Safari version is 5.1.2.
我正在尝试在 Windows 上使用 Safari 进行跨域请求。我的 Safari 版本是 5.1.2。
This is a classical question. I read in many places that Chrome and Safari allows cross domain requests as long as Server responds with the followin header in the response
这是一个经典的问题。我在很多地方都读到 Chrome 和 Safari 允许跨域请求,只要服务器在响应中使用以下标头进行响应
Access-Control-Allow-Origin: *
I have read this post. How to allow cross-domain requests in Safari?and many others on the stackoverflow site too.
我已经阅读了这篇文章。 如何在 Safari 中允许跨域请求?以及 stackoverflow 网站上的许多其他网站。
However, none of them answers my question.
但是,他们都没有回答我的问题。
I am having problems with Chrome AND Safari doing cross-domain AJAX requests even though I am sending the necessary header back from the server.
我在 Chrome 和 Safari 执行跨域 AJAX 请求时遇到问题,即使我从服务器发送回必要的标头。
I finally ran Chrome with "--disable-web-security". Then it worked.
我终于用“--disable-web-security”运行了 Chrome。然后它起作用了。
My questions:
我的问题:
1) What do I do with Safari? Do I use a similar command line argument?
1) 我用 Safari 做什么?我是否使用类似的命令行参数?
2) More importantly, can I someone please tell me whether cross-domain functionality is allowed in Chrome and Safari by default as long as server responds with the header or do I have to make sure that
2)更重要的是,有人可以告诉我,Chrome 和 Safari 是否默认允许跨域功能,只要服务器以标头响应,或者我是否必须确保
a) server responds with a header
a) 服务器用标头响应
AND
和
b) browser is started with a proper argument.
b) 浏览器以正确的参数启动。
采纳答案by CEGRD
I found the problem. Reading more about CORS helped html5rocks.com/en/tutorials/cors. I realized that my requests were triggering preflight requests (OPTIONS) and the server was not set up to handle these requests properly. The reason it was causing preflight requests was because I was using JQuery and it was adding a custom header into my requests. I modified my code to prevent addition of this extra header and my requests no longer needed preflight requests. Now I do not have to disable web security and it works fine.
我发现了问题。阅读有关 CORS 的更多信息有助于html5rocks.com/en/tutorials/cors。我意识到我的请求正在触发预检请求 (OPTIONS),并且服务器没有设置为正确处理这些请求。它导致预检请求的原因是因为我使用的是 JQuery 并且它在我的请求中添加了一个自定义标头。我修改了我的代码以防止添加这个额外的标头,并且我的请求不再需要预检请求。现在我不必禁用网络安全,它工作正常。
