1

我无法通过以下错误从 XHR 获取 GET

XMLHttpRequest cannot load http://blog.rrikesh.com/demo/assets/img/img1.jpg. Origin       
http://localhost:3000 is not allowed by Access-Control-Allow-Origin.

所以,我允许这样的跨域访问:

class ApplicationController < ActionController::Base
  protect_from_forgery
  before_filter :allow_cross_domain_access
  def allow_cross_domain_access
      response.headers["Access-Control-Allow-Origin"] = "*"
      response.headers["Access-Control-Allow-Methods"] = "GET, PUT, POST, DELETE"
  end
end

但是,它会发生同样的错误。我能做些什么?

4

1 回答 1

1

以下 PHP 代码适用于我。请注意 if (...) 非常重要,如果您为所有请求返回相同的 CORES 标头,那么(至少)chrome 将取消请求(至少对于 localhost 服务器)

<?php
if (isset($_SERVER['HTTP_ORIGIN'])) {
    //header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
    header("Access-Control-Allow-Origin: *");
    header('Access-Control-Allow-Credentials: true');    
    header("Access-Control-Allow-Methods: GET, POST, OPTIONS"); 
}   
if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
    if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']))
        header("Access-Control-Allow-Methods: GET, POST, OPTIONS");         
    if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
        header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");

    exit(0);
}

?>

于 2013-06-15T12:09:31.297 回答