2014-12-11 12:32
浏览 443

consider i have created a website and have a web directory like this...



In index.php coding.. i use

<base href="">
<script> <!-- using jquery -->
        data:{ 'variable': value  },
        success: function(res){

when i run above code it works fine... but when i add "www" in base element href attribute, like this...

<base href="">

its not working why?, it show error like this in javascript..

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at This can be fixed by moving the resource to the same domain or enabling CORS.

now i have question?

  1. what is the real problem?

  2. what should i do to make both base element code should run?

  3. what is CORS enabling?

  4. if i enable CORS, anyone from other website can able to access my site?

I would appreciate if some one could assist me, thanks in advance...

图片转代码服务由CSDN问答提供 功能建议




在index.php编码中..我用 <前> &lt; html&gt; .... &lt; base href =“”&gt; .... .... &lt; 脚本&GT; &lt ;! - 使用jquery - &gt; .... $ .ajax({ url:'ajax.php', type:'POST', data:{'variable' :value}, success:function(res){ .... .... } }); .... &lt; / script&gt;

当我运行上面的代码时它工作正常...但是当我在基本元素中添加“www”时 href属性,像这样......

 &lt; base href =“”&gt; 


跨源请求已阻止:同源策略禁止读取远程资源< a href =“”rel =“nofollow”> 。 这可以通过将资源移动到同一个域或启用CORS来解决。


  1. 真正的问题是什么?

  2. 我应该怎样做才能使两个基本元素代码都运行?

  3. < p>什么是CORS启用?
  4. 如果我启用CORS,其他网站的任何人都可以访问我的网站?


  • 写回答
  • 好问题 提建议
  • 追加酬金
  • 关注问题
  • 收藏
  • 邀请回答

2条回答 默认 最新

  • douduan5753 2014-12-11 12:37

    what is the difference between and

    They have different hostnames and are (technically) different websites. They could host different content, but probably don't.

    what is the real problem?

    Different hostnames are different origins. Browsers do not let JavaScript running in a page on one origin read content from another origin unless permission is given with CORS.

    what should i do to make both base element code should run?

    Pick one of the two hostnames to be canonical. Configure the server so the non-canonical one issues a 301 HTTP redirect to the canonical one.

    While you are at it, stop using <base>. It is far more pain than it is worth, and almost everything good about it can be achieved by using URLs that are relative to the server root (i.e. URLs that begin with a / character).

    what is CORS enabling?

    Configuring the server to send HTTP headers that give the browser permission to share your site's data with other sites.

    See MDN for more.

    if i enable CORS, anyone from other website can able to access my site?

    You can specify global access or limit it to specific origins.

    解决 无用
    打赏 举报