drh96824 2011-12-16 16:32
浏览 250
已采纳

access-control-allow-origin不起作用

I'm integrating the API system into my website, however I got this message from Google chrome's console: XMLHttpRequest cannot load https://api.mysocialsync.com/. Origin https://www.mysocialsync.com is not allowed by Access-Control-Allow-Origin.

Now luckely I know what that error means and I tried to solve it (also with help of other stackoverflow pages) but none of the solutions worked, even

header("access-control-allow-origin: *");

didn't do the trick.

I'm out of idea's unfortunatly, I hope there is someone here who has an solution to this.

My server is running PHP5 with suhosin.

  • 写回答

1条回答 默认 最新

  • dongtuo2373 2011-12-16 17:10
    关注

    It's not your website that should be sending the Access-Control-Allow-Origin header, but the website you are requesting (i.e. the MySocialSync API). If the header would work the way you think it does, you could e.g. read a user's private Facebook messages and do other nasty cross-site data requests.

    I'd recommend contacting the API creators to have them add the header.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 如何让企业微信机器人实现消息汇总整合
  • ¥50 关于#ui#的问题:做yolov8的ui界面出现的问题
  • ¥15 如何用Python爬取各高校教师公开的教育和工作经历
  • ¥15 TLE9879QXA40 电机驱动
  • ¥20 对于工程问题的非线性数学模型进行线性化
  • ¥15 Mirare PLUS 进行密钥认证?(详解)
  • ¥15 物体双站RCS和其组成阵列后的双站RCS关系验证
  • ¥20 想用ollama做一个自己的AI数据库
  • ¥15 关于qualoth编辑及缝合服装领子的问题解决方案探寻
  • ¥15 请问怎么才能复现这样的图呀