drh96824 2011-12-16 16:32
浏览 247
已采纳

access-control-allow-origin不起作用

I'm integrating the API system into my website, however I got this message from Google chrome's console: XMLHttpRequest cannot load https://api.mysocialsync.com/. Origin https://www.mysocialsync.com is not allowed by Access-Control-Allow-Origin.

Now luckely I know what that error means and I tried to solve it (also with help of other stackoverflow pages) but none of the solutions worked, even

header("access-control-allow-origin: *");

didn't do the trick.

I'm out of idea's unfortunatly, I hope there is someone here who has an solution to this.

My server is running PHP5 with suhosin.

  • 写回答

1条回答 默认 最新

  • dongtuo2373 2011-12-16 17:10
    关注

    It's not your website that should be sending the Access-Control-Allow-Origin header, but the website you are requesting (i.e. the MySocialSync API). If the header would work the way you think it does, you could e.g. read a user's private Facebook messages and do other nasty cross-site data requests.

    I'd recommend contacting the API creators to have them add the header.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 执行 virtuoso 命令后,界面没有,cadence 启动不起来
  • ¥50 comfyui下连接animatediff节点生成视频质量非常差的原因
  • ¥20 有关区间dp的问题求解
  • ¥15 多电路系统共用电源的串扰问题
  • ¥15 slam rangenet++配置
  • ¥15 有没有研究水声通信方面的帮我改俩matlab代码
  • ¥15 ubuntu子系统密码忘记
  • ¥15 信号傅里叶变换在matlab上遇到的小问题请求帮助
  • ¥15 保护模式-系统加载-段寄存器
  • ¥15 电脑桌面设定一个区域禁止鼠标操作