ReactJS-PHP GET请求已被CORS策略阻止
[英]ReactJS - PHP GET Request has been blocked by CORS policy
问题描述
i have a reactjs app and a php api all on my local system. 
我在我的本地系统上都有一个reactjs应用程序和一个php API。 i run a post fetch function and this works fine and i become the response from server 我运行后提取功能,并且工作正常,并且我成为服务器的响应
let formData = new FormData();
formData.append('username', username);
formData.append('password', password);
fetch('http://api.**********/users/login', {
method: 'post',
body: formData
}).then(function(response) {
return response.json();
}).then(function(data) {
console.log(data);
});
and now i have second request on a other site 现在我在另一个站点上有第二个请求
fetch('http://api.*******', {
method: 'get',
headers: {
'X-API-TOKEN':token
}
}).then(function(response) {
console.log(response.body);
//return response.json();
}).then(function(data) {
//console.log(data);
});
but by the second function i get this error: 但是通过第二个功能我得到这个错误:
Access to fetch at ' http://api .*********' from origin ' http://localhost:3000 ' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.
i dont want to use the proxy. 我不想使用代理。 but i dont understand why the function works with post on the first site and i get this error on the seconds site with the same function. 但我不明白为什么该功能可以在第一个网站上发布,并且我在第二个网站上使用相同的功能得到此错误。 on the php server this is active 在PHP服务器上这是活跃的
header("Access-Control-Allow-Origin: *");
1 个解决方案
解决方案1
0 2019-07-15 00:08:13
It's not about the same function doesn't complain about CORS in the first case but it complains about second request. 它与同一个函数无关,在第一种情况下不会抱怨CORS,但会抱怨第二个请求。 It has to do with the domain (origin and source) you are trying to access. 它与您要访问的域(源和源)有关。 I suggest you read up on CORS here to get a better understanding and how browsers enforce it. 我建议您在此处阅读CORS ,以更好地了解以及浏览器如何执行它。
I think the POST request is for the same domain and GET is for a different one. 我认为POST请求针对相同的域,而GET请求针对不同的域。 You didn't specify the domains (even a fake one to distinguish them so I'm assuming they are different). 您没有指定域(即使是伪造的域也可以区分它们,所以我假设它们是不同的)。 The error is coming from the browser because you're basically on Domain A and trying to access Domain B resource with your fetch request. 该错误来自浏览器,因为您基本上位于域A上,并尝试通过获取请求访问域B资源。 When browser notices that, it will first try an OPTION request to figure out if Domain B allows CORS and what methods are available. 当浏览器注意到这一点时,它将首先尝试一个OPTION请求,以确定域B是否允许CORS以及可用的方法。 If CORS isn't available it shows the error you're getting above. 如果CORS不可用,则会显示您遇到的错误。
Your web server should also allow CORS support apart from setting the proper headers. 您的网络服务器除了设置适当的标题外,还应允许CORS支持。 Check out this link on how you can do so for various web servers. 查看此链接 ,了解如何针对各种Web服务器执行此操作。
I hope this helps. 我希望这有帮助。 Good luck. 祝好运。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.