xhr请求控件来源
[英]xhr request Control Origin
问题描述
I am trying to get xhr request. 
我正在尝试获取xhr请求。 (The script should run in a loop every 2 seconds) This is my script: (脚本应每2秒循环运行一次)这是我的脚本:
function getJson() {
var xhr = new XMLHttpRequest();
xhr.open("get", "http://www.oref.org.il/WarningMessages/alerts.json", true);
xhr.onload = function(){
var response = JSON.parse(xhr.responseText);
checkJson(response);
}
xhr.send(null);
setTimeout(arguments.callee, 2000);
}
getJson();
I am getting this error: XMLHttpRequest cannot load http://www.oref.org.il/WarningMessages/alerts.json. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://klh-dev.com' is therefore not allowed access. 我收到此错误: XMLHttpRequest cannot load http://www.oref.org.il/WarningMessages/alerts.json. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://klh-dev.com' is therefore not allowed access. XMLHttpRequest cannot load http://www.oref.org.il/WarningMessages/alerts.json. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://klh-dev.com' is therefore not allowed access.
So I searched online and I tried to add few lines to my script but it didnt work: response.addHeader("Access-Control-Allow-Origin", "http://www.oref.org.il/WarningMessages"); 因此,我在线搜索,尝试在脚本中添加几行,但没有成功: response.addHeader("Access-Control-Allow-Origin", "http://www.oref.org.il/WarningMessages");
response.addHeader("Access-Control-Allow-Origin", "*");
and I tried this one in external html page 我在外部html页面中尝试了这个
header('Access-Control-Allow-Origin: *');
Nothing worked.. 什么都没用..
1 个解决方案
解决方案1
1 已采纳 2014-07-21 20:01:47
You've run into a set of issue collectively known as Cross-Origin Resource Sharing (CORS). 您遇到了一系列问题,这些问题统称为跨源资源共享(CORS)。 Long story short, browsers typically don't allow scripts to access servers that the script didn't originate from, unless the server explicitly allows it. 长话短说,浏览器通常不允许脚本访问不是脚本源的服务器,除非服务器明确允许。 Since your script's origin http://klh-dev.com is not the same as the request target http://www.oref.org.il , the browser is blocking the request. 由于脚本的来源http://klh-dev.com与请求目标http://www.oref.org.il ,因此浏览器阻止了该请求。
There are two possible solutions: 1) modify the server to implement CORS headers (probably not possible unless you are in control of the server) or 2) use JSONP to execute the request (does not work in all cases). 有两种可能的解决方案:1)修改服务器以实现CORS标头(除非您在服务器的控制下,否则可能无法实现)或2)使用JSONP执行请求(并非在所有情况下均有效)。 So, JSONP or CORS? 那么,JSONP还是CORS?
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.