jQuery Ajax登录中没有“ Access-Control-Allow-Origin”标头

Question

I have a Login Page called login.php which is in the main first root level and users.php which is in assets/app/users.php . 我有一个名为login.php的登录页面，它位于主要的第一根目录下，而users.php则位于assets/app/users.php 。 I am using jQuery ajax to do the login process. 我正在使用jQuery ajax来执行登录过程。 In the JS part of login.php I have: 在login.php的JS部分中，我有：

    if(loginProceed){
        var data = {email: loginEmail, pass:  loginPass};
        var loginreq = $.ajax({
                                type: "POST",
                                url : "assets/app/users.php",
                                cache: false,
                                data: data
                          });

    loginreq.done(function(html) {
   if(html=='true'){
       window.location.replace('app.php'); }
   else  {
    $("#loginRequest").before('<div class="alert alert-danger err" role="alert">Email or Password Is Not Correct</div>');
    }
    });    
}
     e.preventDefault();
});

and in users.php I have 和在users.php我有

<?php
header('Access-Control-Allow-Origin: *');
session_start(); 
include 'config.php';
           $email = $_POST['email'];
           $pass  = $_POST['pass'];
           $conn = new mysqli(DB_HOST, DB_USER, DB_PASS, DB_DATABASE);                
           $sql = "SELECT id, email, fname, lname, type FROM users WHERE `email`=? AND `pass`=?";              
           $stmt = $conn->prepare($sql);
           $stmt->bind_param('ss', $email,$pass);
           $stmt->execute();
           $stmt->bind_result($theId,$theEmail,$theFName,$theLname,$theType);
           if ($stmt->fetch()) {
                echo 'true';
                $_SESSION['LOGIN_STATUS'] = true;
                $_SESSION['fname'] = $theFName;
           } else {
                echo 'false';
            }

Now this is doing the Login process for me in all browsers but for some other users it ONLY works on Chrome! 现在，我正在所有浏览器中执行登录过程，但对于其他一些用户，它仅可在Chrome上运行！ or even on none of them and we are getting theses errors in console: 甚至没有一个，我们在控制台中遇到了这些错误：

login.js:74 Object login.php:1 XMLHttpRequest cannot load http://domain.ca/login.php . login.js：74对象login.php：1 XMLHttpRequest无法加载http://domain.ca/login.php 。 No 'Access-Control-Allow-Origin' header is present on the requested resource. 所请求的资源上没有“ Access-Control-Allow-Origin”标头。 Origin ' http://www.domain.ca ' is therefore not allowed access. 因此，不允许访问源“ http://www.domain.ca ”。

or on FireFox 或在FireFox上

Password fields present on an insecure (http://) page. 不安全（http：//）页面上显示的密码字段。 This is a security risk that allows user login credentials to be stolen.[Learn More] "SensorNotRequired: https://developers.google.com/maps/documentation/javascript/error-messages " util.js:30:57 这是一种安全风险，使用户的登录凭据被盗。[了解更多]“ SensorNotRequired： https : //developers.google.com/maps/documentation/javascript/error-messages ” util.js：30：57

and on EI 和EI

SCRIPT7002: XMLHttpRequest: Network Error 0x4c7, The operation was canceled by the user. SCRIPT7002：XMLHttpRequest：网络错误0x4c7，该操作已被用户取消。

Can you please let me know why this is happening? 您能告诉我为什么会这样吗？

Answer 1

Try to allow single domain 尝试允许单个域

header('Access-Control-Allow-Origin: http://www.domain.ca');

or try modify .htaccess with Header set Access-Control-Allow-Origin "*" enter link description here 或尝试使用Header set Access-Control-Allow-Origin "*" Access.Control Header set Access-Control-Allow-Origin "*"修改.htaccess，在此处输入链接描述

Look like your script is loaded from domain.ca ( without www ) but you or other user making request to php from www.domain.ca 看起来您的脚本是从domain.ca（不带www）加载的，但是您或其他用户从www.domain.ca向php请求

jQuery Ajax登录中没有“ Access-Control-Allow-Origin”标头

问题描述

1 个解决方案

解决方案1
1 2015-11-05 21:50:32

jQuery Ajax登录中没有“ Access-Control-Allow-Origin”标头

问题描述

1 个解决方案

解决方案1 1 2015-11-05 21:50:32

解决方案1
1 2015-11-05 21:50:32