dsfasdfsda234234 2013-03-20 00:27
浏览 847
已采纳

无法使用jQuery发送CORS POST请求

I'm trying to send a POST request to a separate subdomain via ajax. The preflight request (OPTIONS) is successful, but the following XMLHttpRequest request returns the "Origin http://app.example.com is not allowed by Access-Control-Allow-Origin."

The client side (app.example.com) code looks like this:

var settings = {
    url: 'http://api.example.com/auth',
    type: 'POST',
    contentType: 'application/json',
    crossDomain: true,
    headers: {"X-Requested-With": "XMLHttpRequest"},
    username: data.username,
    success: callback,
    error: callback
};

$.ajax(settings);

The server side code (api.example.com) looks like this:

$this->output->set_header('Content-Type: application/json; charset=utf-8');
$this->output->set_header('Access-Control-Allow-Origin: http://app.example.com');
$this->output->set_header('Access-Control-Allow-Methods: GET, PUT, POST, DELETE, HEAD, OPTIONS');
$this->output->set_header('Access-Control-Allow-Headers: X-Requested-With, Origin, X-Csrftoken, Content-Type, Accept');
$this->output->set_header('Access-Control-Allow-Credentials: true');

The OPTIONS request returns a 200 status. I'm hoping someone is able to tell me what I'm missing. Thanks!

  • 写回答

1条回答 默认 最新

  • dqwn64004 2013-03-20 01:57
    关注

    You need to either:

    1. Remove the Access-Control-Allow-Credentials header entirely (This will not send any cookies on the request), or:
    2. Add the following to your ajax request: xhrFields: { withCredentials: true },

    The second option will include cookies on the request. See here for more details: Sending credentials with cross-domain posts?

    You might want to try the first option first, just to make sure the cross-domain request is working, and then add the cookies after that (to make things easier to debug).

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 求解,我这个代码为什么运行不了
  • ¥15 remotes安装提示没有description文件
  • ¥15 AttributeError: 'NoneType' object has no attribute 'drop_duplicates'报错
  • ¥15 以下代码,运行结果报错
  • ¥15 Vivado仿真数据出错
  • ¥15 银河麒麟不支持vant等前端框架怎么办?
  • ¥15 vue3的子组件在父页面调用不显示不生效问题
  • ¥15 cadence PEX
  • ¥15 phython创建了文件 显示在项目下面,但运行不了,运行时还是运行main文件,并且说main文件不允许并行运行
  • ¥15 FutureWarning:不推荐使用空或全 NA 条目的 DataFrame 串联行为。怎么改呢?