在某些情况下没有“ Access-Control-Allow-Origin”标头错误,但在其他情况下则没有
[英]No 'Access-Control-Allow-Origin' header error in some cases, but not in others
问题描述
I know there are already a lot of questions about this. 
我知道对此已经有很多疑问。 I looked at most of them. 我看着大多数。 The server must return a response with the said header, allowing my origin to do requests on it. 服务器必须返回带有所述标头的响应,以允许我的源对其进行请求。
However, there is something I don't understand. 但是,有些事情我不理解。 I am in the process of creating a simple Stash plugin doing a post request when clicking on a button. 我正在创建一个简单的Stash插件,并在单击按钮时执行发布请求。
I have that error. 我有那个错误。 Ok. 好。 But why is the post request working? 但是为什么邮寄要求有效? The post is to launch a build and the build is launched. 帖子是要启动构建,然后启动构建。 I still have the error, so on the client side, I display a message saying that the build was not launched... 我仍然有错误,因此在客户端,我显示一条消息,指出该构建未启动...
Even stranger, I have a colleague that did a simple Chrome extension doing the same thing and the error is not displayed in the browser console... 甚至更陌生,我有一个同事做了一个简单的Chrome扩展程序,做了同样的事情,并且错误未显示在浏览器控制台中...
I want to understand why mine fails and his succeeds. 我想了解为什么我的失败和他的成功。
My Stash plugin javascript code: 我的Stash插件JavaScript代码:
require(['jquery', 'stash/api/util/state'], function ($, pageState) {
var url = "https://build.company.org:8443/trigger";
var commit = pageState.getCommit();
var repo = pageState.getRepository()
$.post(
url,
{
'code': '9b73fccb6c839d',
'workflow.repourl': 'ssh://git@stash.company.org:7999/' + repo.project.key + "/" + repo.name,
'workflow.reponame': repo.project.key + "/" + repo.name,
'workflow.revision': commit.id,
'workflow.user': commit.author.name,
'workflow.message': commit.message
},
function (data) {
AJS.messages.success("#launch-build-message", {
fadeout: true,
delay: 5000,
title: "Success!",
body: "The build was<br>successfully launched!"
});
}
).fail(function () {
AJS.messages.error("#launch-build-message", {
fadeout: true,
delay: 5000,
title: "Error!",
body: "The build could not<br>be launched!"
});
});
});
His Chrome extension javascript: 他的Chrome扩展程序javascript:
var build_status_div = $('div.build-status-summary');
var rebuild_div = $('<div class="plugin-item"></div>').insertAfter(build_status_div);
var rebuild_a = rebuild_div.append('<a href=""><span class="aui-icon aui-icon-small aui-iconfont-build" title="Launch another build"></span><span class="label">Launch another build</span></a>');
var success_div = $('<div class="plugin-item build-result build-success"><span>Build started !</span></div>').insertAfter(rebuild_div);
var failure_div = $('<div class="plugin-item build-result build-failure"><span>Could not start the build.</span></div>').insertAfter(success_div);
success_div.hide();
failure_div.hide();
rebuild_a.click(function(ev) {
ev.preventDefault();
$.post(
'https://build.company.org:8443/trigger',
{
'code': '9b73fccb6c839d',
'property:workflow.repourl': 'ssh://git@stash.company.org:7999/Project_1/Rep_1,
'property:workflow.reponame': 'Project_1/Rep_1,
'property:workflow.revision': 'dbc5de00a675996df25cebb6c3cce7fad39247b9',
'workflow.user': 'Some User',
'workflow.message': 'test'
},
function (data) {
success_div.fadeIn().delay(5000).fadeOut();
}
).fail(function () {
failure_div.fadeIn().delay(5000).fadeOut();
});
});
1 个解决方案
解决方案1
1 已采纳 2014-12-03 20:25:10
I have a colleague that did a simple Chrome extension
Chrome extensions are pieces of software that are explicitly installed into the browser. Chrome扩展程序是明确安装在浏览器中的软件。 They are granted permission to read data from other websites. 他们被授予从其他网站读取数据的权限。
JavaScript on an arbitrary page you visit is given more limited access. 您访问的任意页面上的JavaScript的访问权限都受到限制。 If you want to access another origin with XMLHttpRequest, that origin must use CORS to grant your site permission. 如果要使用XMLHttpRequest访问另一个来源,则该来源必须使用CORS授予您的站点权限。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.