jQuery Access-Control-Allow-Origin 不允许 XMLHttpRequest 无法加载
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/17160071/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
XMLHttpRequest cannot load is not allowed by Access-Control-Allow-Origin
提问by user2495586
I'm trying to get access to education.com API data. However, I keep receiving an error the error states:
我正在尝试访问education.com API 数据。但是,我不断收到错误状态的错误:
XMLHttpRequest cannot load http://api.education.com/service/service.php?f=schoolSearch&key=mykey&sn=sf&v=4&city=Atlanta&state=ga&Resf=json. Origin is not allowed by Access-Control-Allow-Origin.
XMLHttpRequest 无法加载 http://api.education.com/service/service.php?f=schoolSearch&key=mykey&sn=sf&v=4&city=Atlanta&state=ga&Resf=json。Access-Control-Allow-Origin 不允许 Origin。
My code is the following:
我的代码如下:
$(function(){
$.getJSON('http://api.education.com/service/service.php?f=schoolSearch&key=mykey&sn=sf&v=4&city=Atlanta&state=ga&Resf=json',
function(data) {
console.log(data);
});
});
Can someone help me please?
有人能帮助我吗?
回答by SALMAN
An article on Cross Domain AJAXissue a while back here:
不久前的一篇关于跨域 AJAX问题的文章:
CROSS DOMAIN AJAX REQUEST WITH JSON RESPONSE FOR IE,FIREFOX,CHROME, SAFARI – JQUERY
跨域 AJAX 请求,对 IE、Firefox、Chrome、SAFARI 具有 JSON 响应 – JQUERY
The easiest way to handle this if you have control of the responding server is to add a response header for:
如果您可以控制响应服务器,最简单的处理方法是为以下内容添加响应标头:
Access-Control-Allow-Origin: *
This will allow cross domain AJAX. In PHP you'll want to modify the response like so:
这将允许跨域 AJAX。在 PHP 中,您需要像这样修改响应:
<?php header('Access-Control-Allow-Origin: *'); ?>
you can just put Header set Access-Control-Allow-Origin * setting on apache conf or htaccess file it just work like a charm
您可以将 Header set Access-Control-Allow-Origin * 设置放在 apache conf 或 htaccess 文件上,它就像一个魅力
Important Note:
The wildcard is going to allow any domain to send requests to your host. I recommend replacing the asterisk with a specific domain that you will be running scripts on.
重要说明:
通配符将允许任何域向您的主机发送请求。我建议将星号替换为您将在其上运行脚本的特定域。
回答by SALMAN
You can't do this with a browser unless the education.com server is configured to allow CORS (Cross-Origin Resource Sharing) requests (That's the Access-Control-Allow-Originbit).
除非education.com 服务器配置为允许CORS ( Cross-Origin Resource Sharing) 请求,否则您无法使用浏览器执行此操作(这就是Access-Control-Allow-Origin位)。
Your server could make the request on your behalf, however, and you can then retrieve the data from there.
但是,您的服务器可以代表您发出请求,然后您可以从那里检索数据。
回答by SALMAN
In ZF1 can be done as below:
在 ZF1 中可以按如下方式完成:
public function indexAction() {
$turnkey = array(
"uris" => array("176.x.x:3478", "3478"),
"username" => "my_username",
"password" => "my_password"
);
$content = Zend_Json::encode($turnkey);
$this->getResponse()
->setHeader('Access-Control-Allow-Origin', "*")
->setHeader('Content-Type', 'application/json')
->setBody($content)
->sendResponse();
exit;
}
回答by Lukas N.P. Egger
Not so much a solution to the problem, but a hack to avoid the problem -- start your browser without web-security:
与其说是问题的解决方案,不如说是一种避免问题的技巧——在没有网络安全的情况下启动浏览器:
in MacOS this would work as follows: cd to ../../Applications/Google\ Chrome.app/Contents/MacOS
then start the brwoser with the appropiate flag: Google\ Chrome --disable-web-security'
Note: Never use the browser for normal surfing, this is just to get you going in cases of emergencies! Cheers
注意:切勿使用浏览器进行正常冲浪,这只是为了在紧急情况下让您继续前进!干杯
