错误在请求的资源上没有“ Access-Control-Allow-Origin”标头
[英]Error No 'Access-Control-Allow-Origin' header is present on the requested resource
问题描述
I'm trying to make a biometric authentication on a remote machine, using XMLHttpRequest. 
我正在尝试使用XMLHttpRequest在远程计算机上进行生物特征认证。 But it is returning the following message: 但它返回以下消息:
XMLHttpRequest cannot load http://177.55.99.146:8080/autenticacao/autentica?arquivo=[object%20File] . XMLHttpRequest无法加载http://177.55.99.146:8080/autenticacao/autentica?arquivo=[object%20File] 。 No 'Access-Control-Allow-Origin' header is present on the requested resource. 所请求的资源上没有“ Access-Control-Allow-Origin”标头。 Origin ' http://www.yaratecnologia.com.br ' is therefore not allowed access 因此,不允许访问来源“ http://www.yaratecnologia.com.br ”
The code follows bellow .... Does anyone know where is the mistake? 代码如下。..有人知道错误在哪里吗? What should I do? 我该怎么办?
<?php
// Allow from any origin
if (isset($_SERVER['HTTP_ORIGIN'])) {
header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
header('Access-Control-Allow-Credentials: true');
header('Access-Control-Max-Age: 86400'); // cache for 1 day
}
// Access-Control headers are received during OPTIONS requests
if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']))
header("Access-Control-Allow-Methods: GET, POST, OPTIONS");
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");
exit(o);
}
echo "You have CORS!";
?>
<script type="text/javascript">
function autenticarbiometria() {
var fileInput = document.getElementById('fileInput');
var file = fileInput.files[0];
var reader = new FileReader();
var campo = "";
var status = "f";;
if (file.size != 400) {
alert("ATENÇÃO --> O arquivo selecionado NÃO está em um formato Biométrico válido!");
return false;
}
if (!confirm("CONFIRMA AUTENTICAÇÃO BIOMÉTRICA NA BASE DE DADOS?")) {
return false;
}
if(window.XMLHttpRequest) {
req = new XMLHttpRequest();
}
else if(window.ActiveXObject) {
req = new ActiveXObject("Microsoft.XMLHTTP");
}
// Arquivo PHP juntamente com o valor digitado no campo (metodo GET)
var url = "http://177.55.99.146:8080/autenticacao/autentica?arquivo="+file;
// Chamada do metodo open para processar a requisicao
req.open("GET",url,true);
req.send(null);
// Quando o objeto recebe o retorno, chamamos a seguinte funcao
req.onreadystatechange = function() {
alert("Retorno do readyState == " + req.readyState + " readyStatus == " + req.status);
if(req.readyState == 4 && req.status == 200) {
// Resposta retornada pelo busca.php
var resposta = req.responseText;
alert("ATENÇÃO --> RETORNO AUTENTICACAO = " + resposta);
}
}
}
</script>
1 个解决方案
解决方案1
0 2015-05-18 12:45:19
Your snippet is a little confusing. 您的摘要有些混乱。 If the whole code belongs to the same page, it seems like you have enabled CORS on you local machine, while the Access-Control-Allow-Origin must be set on the remote server you are autenthicating at. 如果整个代码都属于同一页面,则似乎您已在本地计算机上启用了CORS,而必须在您要使用的远程服务器上设置Access-Control-Allow-Origin 。
You should change the code on the remote server by setting the correct Access-Control-Allow-Origin header or, if that's not possible, you should perform the authentication from PHP (server-side). 您应该通过设置正确的Access-Control-Allow-Origin标头来更改远程服务器上的代码,或者,如果不可能,则应该从PHP(服务器端)执行身份验证。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.