无法使用jQuery发出CORS请求

Question

我正在关注以下示例：

http://www.html5rocks.com/en/tutorials/cors/#toc-cors-from-jquery

这是我的代码：

<html>
<head>
    <script type="text/javascript" src="http://code.jquery.com/jquery-latest.min.js"></script>
</head>
<body>
    <script>
    $(document).ready(function(){

        $.getJSON("http://172.28.101.197:3000/tests.json",function(config){

            var create_config_url = "https://act.domain.com/act2/act/createConfigfile?accountid=" + config.accountId + "&configfilename=" + config.name

            alert ("here goes nothing!");
            $.ajax({


                // The 'type' property sets the HTTP method.
                // A value of 'PUT' or 'DELETE' will trigger a preflight request.
                type: 'GET',

                // The URL to make the request to.
                url: create_config_url,

                // The 'contentType' property sets the 'Content-Type' header.
                // The JQuery default for this property is
                // 'application/x-www-form-urlencoded; charset=UTF-8', which does not trigger
                // a preflight. If you set this value to anything other than
                // application/x-www-form-urlencoded, multipart/form-data, or text/plain,
                // you will trigger a preflight request.
                contentType: 'text/plain',

                xhrFields: {
                // The 'xhrFields' property sets additional fields on the XMLHttpRequest.
                // This can be used to set the 'withCredentials' property.
                // Set the value to 'true' if you'd like to pass cookies to the server.
                // If this is enabled, your server must respond with the header
                // 'Access-Control-Allow-Credentials: true'.
                    withCredentials: false
                },

                headers: {
                // Set any custom headers here.
                // If you set any non-simple headers, your server must include these
                // headers in the 'Access-Control-Allow-Headers' response header.
                },

                success: function() {
                    alert( "I think I created a config" );
                // Here's where you handle a successful response.
                },

                error: function() {

                    alert ("That's an error!");
                // Here's where you handle an error response.
                // Note that if the error was due to a CORS issue,
                // this function will still fire, but there won't be any additional
                // information about the error.
                }
                //$.get(create_config_url,function(result){

            });

        });
});</script>
</body>
</html>    

我收到以下错误：

XMLHttpRequest cannot load https://act.domain.com/act2/act/createConfigfile?accountid=AANA-EJ8SB&configfilename=rabdelaz.netstorage-pm.com. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access.

Answer 1

尝试添加：crossDomain：true

您也可以尝试：contentType：“ jsonp”

Answer 2

从外观上看，您尝试与之通信的服务器似乎未启用CORS。如果已启用，则发送GET请求的域不在服务器允许的域白名单中。 我看不到ajax有任何问题。如果您想进一步了解CORS，我最近在这里写了一篇有关CORS的详细文章。 希望能有所帮助

Answer 3

我真的不知道您使用的后端语言是什么，但是您需要使用jsonp使其更加安全和跨域：true。
Access-Control-Allow-Origin: *在这种情况下，星号可能是允许的主机
Access-Control-Allow-Methods: POST, GET, OPTIONS确保您的方法在列表中。