我遇到了CORS问题。我已经使用 WSSE 开发了一个 REST Web 服务来保护它。必须通过 jQuery 请求从混合移动应用程序调用 Web 服务。
我正在尝试通过 jquery 调用 web 服务方法,但我总是得到 405 响应。
这是虚拟主机配置:
Header set Access-Control-Allow-Origin: *
Header set Access-Control-Allow-Headers: *
这是 jQuery 客户端:
$.ajax({
type:"GET",
beforeSend : function(xhrObj) {
xhrObj.setRequestHeader(
"Authorization",'WSSE profile="UsernameToken"'
);
xhrObj.setRequestHeader(
"X-WSSE", generateWsseToken(username, secret)
);
},
url: callUrl,
crossDomain: true,
dataType: "json",
success: function(msg) {
console.log(msg);
}
});
这些是 Firebug 中所示的响应和请求:
-- RESPONSE --
HTTP/1.1 405 Method Not Allowed
Date: Thu, 31 Jul 2014 13:46:25 GMT
Server: Apache/2.4.6 (Ubuntu)
X-Powered-By: PHP/5.5.3-1ubuntu2.6
Cache-Control: no-cache
Allow: GET, HEAD
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: *
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8
-- REQUEST --
OPTIONS /myurl HTTP/1.1
Host: 127.0.0.66
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:30.0) Gecko/20100101 Firefox/30.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: it,en-us;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Origin: http://localhost
Access-Control-Request-Method: GET
Access-Control-Request-Headers: authorization,x-wsse
Connection: keep-alive
Cache-Control: max-age=0
我做错了什么?
我读过很多讨论,但没有运气。例如: