在Openshift上使用Angular和PHP的跨域脚本错误
[英]Cross-Domain Scripting Error using Angular and PHP on Openshift
问题描述
I've searched all over the web, found various answers in other stackoverflow threads, tried them ALL and couldn't get mine to work. 
我在网上搜索了所有内容,在其他stackoverflow线程中找到了各种答案,全部尝试了一下,但无法正常工作。 Scenario: 场景:
- Using angular at client side and using http-get requests 在客户端使用angular并使用http-get请求
- Using PHP at server side next to MySQL database running on Openshift host. 在OpenShift主机上运行的MySQL数据库旁边的服务器端使用PHP。
Angular code: 角度代码:
var app = angular.module("myapp", []).config(function ($httpProvider) {
//Enable cross domain calls
$httpProvider.defaults.useXDomain = true;
delete $httpProvider.defaults.headers.common['X-Requested-With'];
});
app.controller("Circle", function ($scope, $http)
{
$scope.Bijstand = function (Verdiep) {
$http.get(url + "?function=getMetingen&Verdieping="+Verdiep)
.success(function (Result) {
console.log(Result);
});
}
});
PHP code: PHP代码:
header("Access-Control-Allow-Origin: 'http://localhost:54700'")
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Methods: GET, POST");
header("Access-Control-Allow-Headers: X-Requested-With");
$servername = getenv('OPENSHIFT_MYSQL_DB_HOST').":".getenv('OPENSHIFT_MYSQL_DB_PORT');
$username = getenv('OPENSHIFT_MYSQL_DB_USERNAME');
$password = getenv('OPENSHIFT_MYSQL_DB_PASSWORD');
$dbname = getenv('OPENSHIFT_GEAR_NAME');
// Create connection
$con = $con = mysql_connect($servername, $username, $password);
// Check connection
if (!$con) {
die("Connection failed: " . mysql_error());
}
mysql_select_db($dbname,$con);
when making the http-get request from angular to php I get the following error: 当从angular到php发出http-get请求时,出现以下错误:
SEC7120 : Origin of 'http://localhost:54700' not found in Access -Control- Allow -Origin header . SCRIPT7002 : XMLHttpRequest : Network error 0x80700013 , Can not complete this operation by mistake 80700013 . SERVER ERROR - The server has detected an unexpected error that the request can not be completed.( XHR ) : GET - " getString "
I've seen various methods of trying to fix this and I have tried ALL of them and none work. 我已经看到了各种尝试解决此问题的方法,并且我尝试了所有这些方法,但都无济于事。 Please help me debug this. 请帮我调试一下。 FYI: I'm not concerned with security of the database or the data. 仅供参考:我不关心数据库或数据的安全性。 The information stored is not sensitive at all so don't hold back on the "privacy" issues. 存储的信息根本不敏感,因此不要隐瞒“隐私”问题。 Thanks 谢谢
1 个解决方案
解决方案1
0 2015-12-18 22:03:44
This is probably not a complete answer, but the HTTP response can have only a single value for Access-Control-Allow-Origin . 这可能不是一个完整的答案,但是HTTP响应只能为Access-Control-Allow-Origin提供一个值。
For example, another SO Question discusses the problems when multiple ACAO fields are used. 例如, 另一个SO问题讨论了使用多个ACAO字段时的问题。
Listing the values in a single field will not work either. 在单个字段中列出值也不起作用。 The W3C Spec says: W3C规范说:
Rather than allowing a space-separated list of origins, it is either a single origin or the string "null".
Using '*' (asterisk) as the value, will not work always, see the W3C Spec for more details. 使用“ *”(星号)作为值将不会总是起作用,有关更多详细信息,请参见W3C规范。
Thus, the only safe value to return is ' http://localhost:54700 '. 因此,唯一返回的安全值是“ http:// localhost:54700 ”。
Finally, Chrome has had issues with supporting CORS on localhost, see this Question for further details. 最后,Chrome在本地主机上支持CORS时遇到了问题,请参阅此问题以获取更多详细信息。 This problem was still there a couple of months ago when I studied CORS the last time. 几个月前,当我上次学习CORS时,这个问题仍然存在。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.