Ajax调用给我跨域错误
[英]Ajax call giving me cross domain error
问题描述
I have just moved my application to production server and getting an error when i try to access the page using "www" When i try to load my page as " http://example.com " it load the page and content properly and when i try to access page like "www.example.com" my all ajax calls are giving errors like : 
我刚刚将我的应用程序移动到生产服务器并在我尝试使用“www”访问页面时收到错误当我尝试将页面加载为“ http://example.com ”时,它正确加载页面和内容我尝试访问像“www.example.com”这样的页面我的所有ajax调用都给出了如下错误:
XMLHttpRequest cannot load http://example.com/dashboard/ .
I am using PHP with angular. 我正在使用PHP角度。
4 个解决方案
解决方案1
1 已采纳 2016-04-29 07:13:16
Is your website served with www and without it the same way? 您的网站是否使用www并且没有相同的方式? if not maybe you could add rewrite rule to htaccess so version with www and without it would serve both the same way? 如果没有,也许你可以添加重写规则到htaccess这样的版本与www和没有它将以同样的方式服务? In such case you should not get cross domain error 在这种情况下,您不应该遇到跨域错误
RewriteEngine On
RewriteCond %{HTTP_HOST} ^example.com
RewriteRule (.*) http://www.example.com/$1 [R=301,L]
解决方案2
0 2016-04-29 07:14:44
This issues is occurring because you have not set the access control origin at your server side. 出现此问题是因为您尚未在服务器端设置访问控制源。 You can solve this issue by setting it at server end 您可以通过在服务器端设置它来解决此问题
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Headers: *");
解决方案3
0 2016-04-29 07:20:19
When you make a request from browser, browser does a prefetch (sometime it doesn't) in either case, it checks if Access-Control-Allow-Origin actually allows your client's site to make request on different domain (web security stuff). 当您从浏览器发出请求时,浏览器会在任何一种情况下执行预取(有时它不会),它会检查Access-Control-Allow-Origin实际上允许您的客户端站点在不同的域上发出请求(Web安全性内容)。 If that doesn't match to where you are sending request from, browser blocks the request and doesn't send it. 如果这与您发送请求的位置不匹配,浏览器会阻止请求并且不会发送请求。
To make request, you will need to edit the server side (on PHP), you should allow that domain, it also supports wildcards: 要发出请求,您需要编辑服务器端(在PHP上),您应该允许该域,它还支持通配符:
<?php
header("Access-Control-Allow-Origin: www.example.com");
?>
Now you can start making requests from anywhere, you can also limit the requests to specific domain so that only one domain can send you requests like: 现在您可以从任何地方开始发出请求,您也可以将请求限制到特定域,以便只有一个域可以向您发送请求,例如:
header("Access-Control-Allow-Origin: example.com");
解决方案4
0 2016-04-29 07:28:31
This is to be expected. 这是可以预料的。 The Same Origin Policy states: 同源政策规定:
Two pages have the same origin if the protocol, port (if one is specified), and host are the same for both pages.
www.example.com and example.com are different hostnames, so you are crossing origins. www.example.com和example.com是不同的主机名,所以你是跨越起源。
While the colloquialism is to refer to cross-domain requests, it is cross-origin requests that are significant; 虽然口语化是指跨域请求,但它是重要的跨域请求; cross-domain requests are only a subset of those. 跨域请求只是其中的一部分。
Don't host your site on multiple hostnames, pick one and stick to it. 不要将您的网站托管在多个主机名上,选择一个并坚持使用它。 (You'll probably want to set up a redirect from the other one to it). (您可能希望设置从另一个重定向到它)。
Using relative instead of absolute URIs would also reduce the possibility of this kind of mistake. 使用相对而不是绝对URI也会降低这种错误的可能性。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.