技术饭

ajax跨域:origin has been blocked by CORS policy Response to preflight request doesn't pass access control check

copylian    0 评论    6004 浏览    2020.11.14

ajax跨域:origin has been blocked by CORS policy Response to preflight request doesn't pass access control check,CORS策略已阻止从原点' http//localhost62797 '访问' http://api.bigcommerce.com/stores/4jwabif3gj/v2/orders.json'处的XMLHttpRequest :对预检请求的响应未收到通过访问控制检查:飞行前请求不允许重定向。

$.ajax({

      type:"get", 

      url:"https://api.piao-duoduo.com/index/index",

      async:true,

      data:{data:1},

      dataType: 'json',

      headers: {

             "Access-Token":"Access-Token123456",//自定义请求头

            "backendserver":$.cookie('backendserver')

            //"Content-Type":"application/json;charset=utf8"

      },

      ajaxGridOptions: {

            xhrFields: { 

                  withCredentials: true

            }

      }, 

      crossDomain: true, // 发送Ajax时,Request header 中会包含跨域的额外信息,但不会含cookie(作用不明,不会影响请求头的携带)

      success: function(data) {

            onsole.log(data);

      }

});


另外需要注意的是:前端请求的头部信息,一定要在后端头部设置一致,不一致会报跨域异常


// 指定允许其他域名访问

header('Access-Control-Allow-Origin:*');


// 跨域资源共享

header('Access-Control-Allow-Credentials:true');


// 响应头设置

header('Access-Control-Allow-Headers:x-token,x-uid,x-token-check,x-requested-with,content-type,Host,sponsortoken');


// 响应类型

header('Access-Control-Allow-Methods:*');


// 设置https

header("Content-Security-Policy: upgrade-insecure-requests");


// 指定本次预检请求的有效期

header("Access-Control-Max-Age: 1800");


飓风呀
感谢你的支持,我会继续努力!
扫码打赏,感谢您的支持!
jquery ajax 跨域 CORS 

文明上网理性发言!

  • 还没有评论,沙发等你来抢