I have a webpage on the domain https://imeet.pgi.com making an XMLHttpRequest to another domain. The request fails with the following console error (using Chrome browser):
我在域https://imeet.pgi.com上有一个网页,将XMLHttpRequest发送到另一个域。请求失败,出现以下控制台错误(使用Chrome浏览器):
XMLHttpRequest cannot load https://pgidrive.com/eloqua/forminator/getForm.php. The 'Access-Control-Allow-Origin' header has a value 'https://imeet.pgi.coms' that is not equal to the supplied origin. Origin 'https://imeet.pgi.com' is therefore not allowed access.
XMLHttpRequest无法加载https://pgidrive.com/eloqua/forminator/getForm.php。 “Access-Control-Allow-Origin”标头的值为“https://imeet.pgi.coms”,不等于提供的来源。因此,不允许来源“https://imeet.pgi.com”访问。
Note that the Access-Control-Allow Origin header has a value of: https://imeet.pgi.coms with an "s" on the end.
请注意,Access-Control-Allow Origin标头的值为:https://imeet.pgi.coms,末尾带有“s”。
Why does my Access-Control-Allow-Origin header have this incorrect value?
为什么我的Access-Control-Allow-Origin标头的值不正确?
If it could be a typo somewhere, where would I look to check?
如果它可能是某个地方的拼写错误,我会在哪里检查?
More background info: I have made this same request successfully from other domains with no issue. I have set a list of allowed origin domains that includes imeet.pgi.com on the .htaccess file on pgidrive.com.
更多背景信息:我已经从其他域成功地提出了同样的请求而没有任何问题。我在pgidrive.com上的.htaccess文件中设置了包含imeet.pgi.com的允许源域列表。
Also, the code for the allowed origin domains in my .htaccess:
此外,我的.htaccess中允许的原始域的代码:
<IfModule mod_headers.c>
SetEnvIf Origin "http(s)?://(www\.)?(agenday.com|imeet.pgi.com|pgi.com|go.pgi.com|staging.pgi.com|imeetlive.pgi.com|globalmeet.pgi.com|latam.pgi.com|br.pgi.com|pgi.ca)$" AccessControlAllowOrigin=$0$1
Header add Access-Control-Allow-Origin %{AccessControlAllowOrigin}e env=AccessControlAllowOrigin
Header set Access-Control-Allow-Credentials true
</IfModule>
1 个解决方案
#1
2
In your htaccess file, when doing the following:
在您的htaccess文件中,执行以下操作时:
SetEnvIf Origin "http(s)?://(www\.)?(agenday.com|imeet.pgi.com|pgi.com|go.pgi.com|staging.pgi.com|imeetlive.pgi.com|globalmeet.pgi.com|latam.pgi.com|br.pgi.com|pgi.ca)$" AccessControlAllowOrigin=$0$1
you have AccessControlAllowOrigin=$0$1. Here, $0 means the whole matched string, and $1 means the first matched group. The first matched group here is (s)?.
你有AccessControlAllowOrigin = $ 0 $ 1。这里,$ 0表示整个匹配的字符串,$ 1表示第一个匹配的组。这里第一个匹配的组是(s)?
When you make a request using the origin: https://imeet.pgi.com, the pattern is parsed and grouped as follows:
当您使用origin:https://imeet.pgi.com发出请求时,模式将被解析并分组如下:
$0 = `https://imeet.pgi.com` $1 = `s` $3 = `imeet.pgi.com`
which is why you see the s character.
这就是你看到s字符的原因。
Change that to (basically, remove the $1):
改为(基本上,删除$ 1):
SetEnvIf Origin "https?://(?:(?:agenday|(?:(?:imeet|go|staging|imeetlive|globalmeet|latam|br)\.)?pgi)\.com|pgi\.ca)$" AccessControlAllowOrigin=$0
#1
2
In your htaccess file, when doing the following:
在您的htaccess文件中,执行以下操作时:
SetEnvIf Origin "http(s)?://(www\.)?(agenday.com|imeet.pgi.com|pgi.com|go.pgi.com|staging.pgi.com|imeetlive.pgi.com|globalmeet.pgi.com|latam.pgi.com|br.pgi.com|pgi.ca)$" AccessControlAllowOrigin=$0$1
you have AccessControlAllowOrigin=$0$1. Here, $0 means the whole matched string, and $1 means the first matched group. The first matched group here is (s)?.
你有AccessControlAllowOrigin = $ 0 $ 1。这里,$ 0表示整个匹配的字符串,$ 1表示第一个匹配的组。这里第一个匹配的组是(s)?
When you make a request using the origin: https://imeet.pgi.com, the pattern is parsed and grouped as follows:
当您使用origin:https://imeet.pgi.com发出请求时,模式将被解析并分组如下:
$0 = `https://imeet.pgi.com` $1 = `s` $3 = `imeet.pgi.com`
which is why you see the s character.
这就是你看到s字符的原因。
Change that to (basically, remove the $1):
改为(基本上,删除$ 1):
SetEnvIf Origin "https?://(?:(?:agenday|(?:(?:imeet|go|staging|imeetlive|globalmeet|latam|br)\.)?pgi)\.com|pgi\.ca)$" AccessControlAllowOrigin=$0