jQuery AngularJS 禁用 CORS?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/19554414/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
AngularJS disabling CORS?
提问by Jeff Hubbard
Maybe I'm missing something entirely, but I have a server running locally, and have notconfigured Angular to use CORS for $http requests. When I make an HTTP request to localhost:<port>, I see Chrome create an OPTIONS request first.
也许我完全遗漏了一些东西,但是我有一个在本地运行的服务器,并且没有将 Angular 配置为对 $http 请求使用 CORS。当我向 localhost: 发出 HTTP 请求时<port>,我看到 Chrome 首先创建了一个 OPTIONS 请求。
Because I need to support IE 8 - and AngularJS definitely will not work there with CORS - I need to remove CORS.
因为我需要支持 IE 8 - 而 AngularJS 肯定不会在那里使用 CORS - 我需要删除 CORS。
I have tried directly setting the POSTmethod notusing the $http.postwrapper with no avail. Perhaps this is related to https://github.com/angular/angular.js/issues/1585
我曾尝试直接设置不使用包装器的POST方法,但无济于事。也许这与https://github.com/angular/angular.js/issues/1585有关$http.post
I've also tried calling a jQuery ajax post directly from a controller - even with the CORS option as false (because it seemed to default to true). It still creates a CORS request.
我还尝试直接从控制器调用 jQuery ajax 帖子 - 即使 CORS 选项为 false(因为它似乎默认为 true)。它仍然会创建 CORS 请求。
What is the configuration for this?
这是什么配置?
回答by Jeff Hubbard
CORS is a result of your request url, notof any configuration you can set. If your origin does not match the request url protocol/domain/port, you will get a CORS request--no exceptions.
CORS 是您请求 url 的结果,而不是您可以设置的任何配置。如果您的来源与请求 url 协议/域/端口不匹配,您将收到 CORS 请求——没有例外。
For instance, with an origin of http://www.example.com:8080:
例如,来源为http://www.example.com:8080:
This is a CORS request: http://example.com:8080/path.json(different subdomain)
这是一个 CORS 请求:http: //example.com:8080/ path.json(不同的子域)
This is a CORS request: http://www.example.com/path.json(different port)
这是一个 CORS 请求:http: //www.example.com/path.json(不同端口)
This is a CORS request: https://www.example.com:8080/path.json(different protocol)
这是一个 CORS 请求:https://www.example.com:8080/path.json (不同的协议)
This is NOTa CORS request: http://www.example.com:8080/path.json(the protocol, domain, and port all match the origin)
这不是CORS 请求:http: //www.example.com:8080/path.json (协议、域和端口都与源匹配)
That being said, the OPTIONS request is happening because you have a header outside of the standard headers (very likely, your request has an X-Requested-With header). In Angular.js, you can remove this with:
话虽如此,发生 OPTIONS 请求是因为您在标准标头之外有一个标头(很可能,您的请求有一个 X-Requested-With 标头)。在 Angular.js 中,您可以使用以下命令删除它:
angular.module('yourModuleHere')
.config(function ($httpProvider) {
delete $httpProvider.defaults.headers.common['X-Requested-With'];
});
Note that for Angular.js 1.2 and above, X-Requested-With is not in the default common headers list. You don't need to remove it from the list.
请注意,对于 Angular.js 1.2 及更高版本, X-Requested-With 不在默认的通用标头列表中。您无需将其从列表中删除。
