javascript Access-Control-Allow-Origin 不允许 Origin null
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/12052483/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Origin null is not allowed by Access-Control-Allow-Origin
提问by shireasha
The json response is in {"userName":"clevermeal835","userRole":"Participant"}
json 响应在 {"userName":"clevermeal835","userRole":"Participant"}
I am getting an alert message as success but while reading the response I am getting the error:
我收到一条成功的警报消息,但在阅读响应时我收到错误消息:
XMLHttpRequest cannot load the url Origin null is not allowed by Access-Control-Allow-Origin.
XMLHttpRequest 无法加载 url Origin null is not allowed by Access-Control-Allow-Origin。
If I run the code from command prompt by
如果我从命令提示符运行代码
--disable-web-security
--disable-web-security
I am getting response. Can any one help me resolving this problem with out using command prompt. The below code.
我得到回应。任何人都可以帮助我在不使用命令提示符的情况下解决这个问题。下面的代码。
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<script type="text/javascript" src="Scripts/jquery-1.4.2.min.js"></script>
<script>
$(document).ready(
function() {
$("#jsonpbtn2").click(function() {
var uid = "clevermeal835";
var pwd = "Welcome_1";
var userType = "participant";
var surl="http://localhost:8080/RESTlet_WS/MobiSignIn/{\"userName\":\""+uid+"\",\"password\":\""+pwd+"\",\"userType\":\""+userType+"\"}/";
$.ajax({
type : 'GET',
contentType: "application/json; charset=utf-8",
url : surl,
dataType : 'json',
headers : {Accept : "application/json","Access-Control-Allow-Origin" : "*"},
crossDomain : true,
success :SucceedFunc ,
error : function(data, textStatus, errorThrown) {
console.log("error"+' '+JSON.stringify(data) + textStatus + errorThrown);}
});
function SucceedFunc(data) {
alert("success");
var userName = data.userName;
alert(userName);
}
});
});
</script>
</head>
<body>
<input id="jsonpbtn2" type="submit" value="button" />
</body>
</body>
</html>
回答by apsillers
It looks like you're testing your site by serving your web page over file://in Chrome. For security reasons, Chrome does not allow you to perform Ajax calls from file://resources.
看起来您正在通过file://在 Chrome 中提供您的网页来测试您的网站。出于安全原因,Chrome 不允许您从file://资源执行 Ajax 调用。
The security threat here is that someone could email you a .htmlfile that, when opened with file://, sent out Ajax requests to fetch the contents of your email inbox (if allowed to query web pages) or other files on your computer (if allowed to query other file resources).
这里的安全威胁是有人可以通过电子邮件向您发送一个.html文件,当打开时file://,发送 Ajax 请求以获取您的电子邮件收件箱的内容(如果允许查询网页)或您计算机上的其他文件(如果允许查询其他文件资源)。
You should instead test your pages by serving them from the same localhost:8080server that is serving your API pages.
相反,您应该通过从localhost:8080为您的 API 页面提供服务的同一台服务器提供服务来测试您的页面。
回答by DeweyOx
Try adding:
尝试添加:
beforeSend: function( xhr ) {
xhr.overrideMimeType( 'text/plain; charset=UTF-8' );
}
to your Ajax call.
到您的 Ajax 调用。
