drh96824 2011-12-16 16:32
浏览 247
已采纳

access-control-allow-origin不起作用

I'm integrating the API system into my website, however I got this message from Google chrome's console: XMLHttpRequest cannot load https://api.mysocialsync.com/. Origin https://www.mysocialsync.com is not allowed by Access-Control-Allow-Origin.

Now luckely I know what that error means and I tried to solve it (also with help of other stackoverflow pages) but none of the solutions worked, even

header("access-control-allow-origin: *");

didn't do the trick.

I'm out of idea's unfortunatly, I hope there is someone here who has an solution to this.

My server is running PHP5 with suhosin.

  • 写回答

1条回答 默认 最新

  • dongtuo2373 2011-12-16 17:10
    关注

    It's not your website that should be sending the Access-Control-Allow-Origin header, but the website you are requesting (i.e. the MySocialSync API). If the header would work the way you think it does, you could e.g. read a user's private Facebook messages and do other nasty cross-site data requests.

    I'd recommend contacting the API creators to have them add the header.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 安装svn网络有问题怎么办
  • ¥15 Python爬取指定微博话题下的内容,保存为txt
  • ¥15 vue2登录调用后端接口如何实现
  • ¥65 永磁型步进电机PID算法
  • ¥15 sqlite 附加(attach database)加密数据库时,返回26是什么原因呢?
  • ¥88 找成都本地经验丰富懂小程序开发的技术大咖
  • ¥15 如何处理复杂数据表格的除法运算
  • ¥15 如何用stc8h1k08的片子做485数据透传的功能?(关键词-串口)
  • ¥15 有兄弟姐妹会用word插图功能制作类似citespace的图片吗?
  • ¥15 latex怎么处理论文引理引用参考文献