ajax post request is No'Access-Control-Allow-Origin'标头出现在请求的资源上。

I'm just making an ajax post request and I'm getting an error like:

我只是发一个ajax post请求,我收到的错误如下:

XMLHttpRequest cannot load https://xxx.com?redirect_uri=http://www.example.com. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://example.com' is therefore not allowed access.

XMLHttpRequest无法加载https://xxx.com?redirect_uri=http://www.example.com。请求的资源上不存在“Access-Control-Allow-Origin”标头。因此,不允许来源“http://example.com”访问。

And here I can see there is nothing different from my response domain and request domain except "www", so does "www" also cause this issue?

在这里我可以看到除了“www”之外没有什么不同于我的响应域和请求域,那么“www”也会导致这个问题吗?

2 个解决方案

#1

The problem is because you are making a cross-domain AJAX request, which prevented by browser security - see the Same Origin Policy.

问题是因为您正在制作跨域AJAX请求,这会阻止浏览器安全性 - 请参阅同源策略。

The request is expecting you to be making a request to a CORS enabled domain, hence why it is complaining about the non-existant header.

该请求期望您向启用CORS的域发出请求,因此它会抱怨不存在的标头。

You either need to change your request to jsonp type, or use a server-side proxy to get the data.

您需要将请求更改为jsonp类型,或使用服务器端代理来获取数据。

#2

When requesting data from external website it is always best to not do it in ajax , but if you have to do it an ajax have a internal page which makes a call with server side code and call that page with ajax.

从外部网站请求数据时,最好不要在ajax中执行此操作,但如果必须这样做,则ajax会有一个内部页面,它使用服务器端代码进行调用并使用ajax调用该页面。

#1