[英]Origin null is not allowed by Access-Control-Allow-Origin
I have made a small xslt file to create an html output called weather.xsl with code as follows:我制作了一个小的 xslt 文件来创建一个名为 weather.xsl 的 html output,代码如下:
<!-- DWXMLSource="http://weather.yahooapis.com/forecastrss?w=38325&u=c" -->
<xsl:stylesheet version="1.0"
xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
exclude-result-prefixes="yweather"
xmlns:yweather="http://xml.weather.yahoo.com/ns/rss/1.0" xmlns:geo="http://www.w3.org/2003/01/geo/wgs84_pos#">
<xsl:output omit-xml-declaration="yes" indent="yes"/>
<xsl:strip-space elements="*"/>
<xsl:template match="/">
<img src="{/*/*/item/yweather:condition/@text}.jpg"/>
</xsl:template>
</xsl:stylesheet>
I want to load in the html output into a div in an html file which I'm trying to do using jQuery as follows:我想将 html output 加载到 html 文件中的一个 div 中,我正在尝试使用 jQuery 执行以下操作:
<div id="result">
<script type="text/javascript">
$('#result').load('weather.xsl');
</script>
</div>
But I am getting the following error: Origin null is not allowed by Access-Control-Allow-Origin.但是我收到以下错误:Access-Control-Allow-Origin 不允许 Origin null。
I've read about adding a header to the xslt, but I'm not sure how to do that, so any help would be appreciated, and if loading in the html ouput can't be done this way, then advice on how else to do it would be great.我读过有关将 header 添加到 xslt 的信息,但我不确定该怎么做,因此我们将不胜感激,如果无法以这种方式加载 html 输出,请就其他方法提出建议这样做会很棒。
Origin null<\/code> is the local file system, so that suggests that you're loading the HTML page that does the
load<\/code> call via a
file:\/\/\/<\/code> URL (eg, just double-clicking it in a local file browser or similar).
Origin
null<\/code>是本地文件系统,因此这表明您正在加载通过
file:\/\/\/<\/code> URL 执行
load<\/code>调用的 HTML 页面(例如,只需在本地文件浏览器或类似文件中双击它)。
Most browsers apply the Same Origin Policy<\/a> to local files by disallowing even loading files from the same directory as the document.大多数浏览器将同源
策略<\/a>应用于本地文件,甚至禁止从与文档相同的目录加载文件。 (It used to be that Firefox allowed the same directory and subdirectories, but not any longer<\/a> .
(过去是 Firefox 允许相同的目录和子目录,但
不再<\/a>允许 .
Basically, using ajax with local resources doesn't work.基本上,将 ajax 与本地资源一起使用是行不通的。
![](/img/trans.png)
"
Chrome and Safari has a restriction on using ajax with local resources. Chrome 和 Safari 对使用本地资源的 ajax 有限制。 That's why it's throwing an error like
这就是为什么它会抛出一个错误
Origin null is not allowed by Access-Control-Allow-Origin.
Access-Control-Allow-Origin 不允许 Origin null。
Solution: Use firefox or upload your data to a temporary server.解决方案:使用 Firefox 或将您的数据上传到临时服务器。 If you still want to use Chrome, start it with the below option;
如果您仍想使用 Chrome,请使用以下选项启动它;
--allow-file-access-from-files
More info how to add the above parameter to your Chrome: Right click the Chrome icon on your task bar, right click the Google Chrome on the pop-up window and click properties and add the above parameter inside the Target textbox under Shortcut tab.有关如何将上述参数添加到 Chrome 的更多信息:右键单击任务栏上的 Chrome 图标,右键单击弹出窗口中的 Google Chrome,然后单击属性并将上述参数添加到快捷方式选项卡下的目标文本框中。 It will like as below;
它会如下所示;
C:\Users\XXX_USER\AppData\Local\Google\Chrome\Application\chrome.exe --allow-file-access-from-files
Hope this will help!希望这会有所帮助!
Just wanted to add that the "run a webserver" answer seems quite daunting, but if you have python on your system (installed by default at least on MacOS and any Linux distribution) it's as easy as:只是想补充一点,“运行网络服务器”的答案似乎相当令人生畏,但如果你的系统上有 python(至少默认安装在 MacOS 和任何 Linux 发行版上),它就像这样简单:
python -m http.server # with python3
or或者
python -m SimpleHTTPServer # with python2
So if you have your html file myfile.html
in a folder, say mydir
, all you have to do is:因此,如果您将 html 文件
myfile.html
放在一个文件夹中,例如mydir
,您所要做的就是:
cd /path/to/mydir
python -m http.server # or the python2 alternative above
Then point your browser to:然后将浏览器指向:
http://localhost:8000/myfile.html
And you are done!你完成了! Works on all browsers , without disabling web security, allowing local files, or even restarting the browser with command line options.
适用于所有浏览器,无需禁用网络安全,允许本地文件,甚至使用命令行选项重新启动浏览器。
I would like to humbly add that according to this SO source: https:\/\/stackoverflow.com\/a\/14671362\/1743693<\/a> , this kind of trouble is now partially<\/strong> solved simply by using the following jQuery instruction:我想根据这个SO来源谦虚地补充一点:
https<\/a> :\/\/stackoverflow.com\/a\/14671362\/1743693,现在只需使用以下jQuery指令就可以部分<\/strong>解决这种问题:
<script>
$.support.cors = true;
</script>
Adding a bit to use Gokhan's solution for using:添加一点以使用 Gokhan 的解决方案:
--allow-file-access-from-files
I was looking for an solution to make an XHR request to a server from a local html file and found a solution using Chrome and PHP.我正在寻找一种从本地 html 文件向服务器发出 XHR 请求的解决方案,并找到了使用 Chrome 和 PHP 的解决方案。 (no Jquery)
(没有jQuery)
Javascripts: Javascript:
var x = new XMLHttpRequest();
if(x) x.onreadystatechange=function(){
if (x.readyState === 4 && x.status===200){
console.log(x.responseText); //Success
}else{
console.log(x); //Failed
}
};
x.open(GET, 'http://example.com/', true);
x.withCredentials = true;
x.send();
You can load a local Javascript file (in the tree below your file:/
source page) using the source tag:您可以使用 source 标记加载本地 Javascript 文件(在
file:/
源页面下方的树中):
<script src="my_data.js"></script>
If you encode your input into Javascript, like in this case:如果您将输入编码为 Javascript,例如在这种情况下:
mydata.js : mydata.js :
$xsl_text = "<xsl:stylesheet version="1.0" + ....
(this is easier for json) then you have your 'data' in a Javascript global variable to use as you wish. (这对 json 来说更容易)然后你可以在 Javascript 全局变量中使用你的“数据”来随意使用。
Using Java Spring to run a web service, you need to add: @ServletComponentScan
right above @SpringBootApplication
in your auto-generated YouAppApplication.java file ( the one with the main() function ) and create a class with the following implementation:使用 Java Spring 运行 web 服务,您需要在自动生成的 YouAppApplication.java 文件(带有 main() function 的文件)中的
@ServletComponentScan
上方添加@SpringBootApplication
并创建 1818195 实现后的 8:1818195
@WebFilter("/*")
public class AddResponseHeaderFilter implements Filter {
@Override
public void init(FilterConfig filterConfig) throws ServletException {
// ...
}
@Override
public void doFilter(ServletRequest servletRequest,
ServletResponse servletResponse,
FilterChain filterChain) throws IOException, ServletException {
HttpServletResponse httpServletResponse = (HttpServletResponse) servletResponse;
httpServletResponse.addHeader("Access-Control-Allow-Origin", "null");
httpServletResponse.addHeader("Access-Control-Allow-Credentials", "true");
filterChain.doFilter(servletRequest, servletResponse);
}
@Override
public void destroy() {
// ...
}
}
note that you can choose a different name for this class as soon as it implements Filter and has the @WebFilter
annotation you can also provide a different wildcard than /*
so this filter doesn't apply to every endpoint.请注意,您可以为这个 class 选择不同的名称,只要它实现 Filter 并具有
@WebFilter
注释,您还可以提供与/*
不同的通配符,因此此过滤器不适用于每个端点。
As specified by @Louis Loudog Trottier you need to add ...withCredentials = true;
正如@Louis Loudog Trottier 所指定的,您需要添加
...withCredentials = true;
when creating your Ajax request for this to work.在创建您的 Ajax 请求时。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.