已被 CORS 政策阻止:无“访问控制允许来源”
[英]has been blocked by CORS policy: No 'Access-Control-Allow-Origin'
问题描述
I am trying to obtain data from a JSON, in local mode I can make it work, I have to enable a CORS extension in chrome and that's it.
我正在尝试从 JSON 获取数据,在本地模式下我可以使其工作,我必须在 chrome 中启用 CORS 扩展,仅此而已。 Then when I have decided to upload the file to the server, on the server side with PHP, I enable the headers as follows然后,当我决定将文件上传到服务器时,在服务器端使用 PHP,我启用如下标头
<?php
header("Access-Control-Allow-Origin: *");
?>
y tambien en el .htaccess de la siguiente manera: y tambien en el .htaccess de la siguiente manera:
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin "*"
</IfModule>
Access to XMLHttpRequest at 'https://www.siteExample.com/coins/151.json?hr=100' from origin 'https://meSiteExample.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
What else can I do?我还可以做些什么?
2 个解决方案
解决方案1
-1 2021-05-17 21:12:28
As I read here , Maybe you need use:正如我在这里读到的,也许你需要使用:
Header add Access-Control-Allow-Origin "*"
Instead of:代替:
Header set Access-Control-Allow-Origin "*"
in your .htaccess file.在您的 .htaccess 文件中。
Also Remember & pay attention '*' will enable CORS for all websites.另请记住并注意'*'将为所有网站启用 CORS。 and it has security risks.并且存在安全隐患。 if you know your request coming from where, you can filter that by enter domain instead of '*' .如果您知道您的请求来自哪里,您可以通过输入域而不是'*'来过滤它。
For example:例如:
Header add Access-Control-Allow-Origin "example.com" //OR "localhost"
解决方案2
-1 2021-05-17 21:12:48
use this instead of esterik * Access-Control-Allow-Headers: Accept用这个代替esterik * Access-Control-Allow-Headers: Accept
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.