Using nginx, I have an html file served at sub.example.com
which needs to get its json data from example.com
But the json is not loaded. Instead, in Chrome browser I get:
The 'Access-Control-Allow-Origin' header has a value 'https://example.com' that is not equal to the supplied origin. Origin 'http://sub.example.com' is therefore not allowed access.
How can I fix this?
You need to set CORS headers on your example.com server to allow the domain sub.example.com to use this resource, for example:
Access-Control-Allow-Origin
add_header Access-Control-Allow-Origin "https://sub.example.com" always;
add_header Access-Control-Allow-Headers "Origin, Content-Type, Accept" always;
add_header Access-Control-Allow-Methods "GET, POST, PUT, OPTIONS, DELETE" always;
OR
add_header Access-Control-Allow-Origin "https://*.example.com" always;
add_header Access-Control-Allow-Headers "Origin, Content-Type, Accept" always;
add_header Access-Control-Allow-Methods "GET, POST, PUT, OPTIONS, DELETE" always;
You need to set it in a server that handles the Json. You can allow * in CORS, but it isn't recommended.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.