javascript - js跨域请求问题
程序员文章站
2022-05-04 09:33:33
...
我在后端已经添加了
header("Access-Control-Allow-Origin:*");
,但是为什么前端使用js请求时还是出现
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://nichijou.org/x. (Reason: CORS header 'Access-Control-Allow-Origin' missing).
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://nichijou.org/x. (Reason: CORS request failed).
回复内容:
我在后端已经添加了header("Access-Control-Allow-Origin:*");
,但是为什么前端使用js请求时还是出现
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://nichijou.org/x. (Reason: CORS header 'Access-Control-Allow-Origin' missing).
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://nichijou.org/x. (Reason: CORS request failed).
很多浏览器都已经不支持使用
*
来设置Access-Control-Allow-Origin
了,正常的做法是header("Access-Control-Allow-Origin:".$_SERVER['HTTP_HOST']);
如果需要传递 COOKIE 的话还需要搭配
Access-Control-Allow-Credentials: true
这个头使用。具体可以看文档:https://developer.mozilla.org/en-US/docs/Web/HTTP/Server-Side_Access_Control
什么浏览器啊,版本号都列出来