Javascript No'访问控制允许来源'在加载不同url时,请求的资源上存在标头

Javascript No 'Access-Control-Allow-Origin' header is present on the requested resource on load of different url

本文关键字:请求 资源 存在 url 加载 访问控制 No Javascript      更新时间:2023-09-26

我正试图将不同url中的值加载到div中,加载后会出现错误。我试着用谷歌搜索了很多。我没有找到解决办法。我知道这个问题已经被问了,但仍然没有解决我的问题。

XMLHttpRequest cannot load http://bulksms.icubetech.com/api/checkbalance.php?user=&pass=. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://www.w3schools.com' is therefore not allowed access.

<!DOCTYPE html>
<html>
<head>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
<script>
$(document).ready(function(){
    $("button").click(function(){
        $("#div1").load("http://bulksms.icubetech.com/api/checkbalance.php?user=&pass=");
    });
});
</script>
</head>
<body>
<div id="div1"><h2>Let jQuery AJAX Change This Text</h2></div>
<button>Get External Content</button>
</body>
</html>

http://bulksms.icubetech.com/api/checkbalance.php得到的响应应该在其标头中包含Access-Control-Allow-Origin

应该是这样的:

Access-Control-Allow-Origin: yoursite.com

如果不能满足上述要求,就不能通过ajax访问此网站。

或者,您可以使用代理php脚本来完成这项工作。这个想法是在你自己的域中获得一个php脚本,与你试图访问的网站对话,并给你结果。这不会引起任何跨域问题,因为您的浏览器只与自己域中的php脚本通信。下面是一个代理脚本示例。请根据您的需要进行更改。

<?php
// Allowed hostname
define ('HOSTNAME', 'http://Your_Server/');
//returns the headers as an array
function getHeaders()
{
    $headers = array();
    foreach ($_SERVER as $k => $v)
    {
        if (substr($k, 0, 5) == "HTTP_")
        {
            $k = str_replace('_', ' ', substr($k, 5));
            $k = str_replace(' ', '-', ucwords(strtolower($k)));
            $headers[$k] = $v;
        }
    }
    return $headers;
} 
// Get the REST call path from the AJAX application
$path = $_REQUEST['path'];
$url = HOSTNAME.$path;
// Open the Curl session
$session = curl_init($url);
// If it's a POST, put the POST data in the body
if ($_POST['path']) {
 $postvars = '';
 while ($element = current($_POST)) {
  $postvars .= key($_POST).'='.$element.'&';
  next($_POST);
 }
 $postvars = substr($postvars, 0, -1);  // removing trailing &
 $postvars = str_replace('xml_version', 'xml version', $postvars);  // fix xml declaration bug?
 $postvars = stripslashes($postvars);
 curl_setopt ($session, CURLOPT_POST, true);
 curl_setopt ($session, CURLOPT_POSTFIELDS, $postvars);
}
else {
 //If it's a post, but not a form post (like a SOAP request)
 if ($_SERVER['REQUEST_METHOD']==='POST') {
  curl_setopt ($session, CURLOPT_POST, true);
  curl_setopt ($session, CURLOPT_POSTFIELDS, $HTTP_RAW_POST_DATA);
  $headers = getHeaders();
  $header_array = Array( "Content-Type: text/xml", "SOAPAction: " . $headers['SOAPAction']);
  curl_setopt ($session, CURLOPT_HTTPHEADER, $header_array);
  curl_setopt ($session, CURLOPT_CUSTOMREQUEST, "POST");
 }
}
// Don't return HTTP headers. Do return the contents of the call
curl_setopt($session, CURLOPT_HEADER, false);
curl_setopt($session, CURLOPT_RETURNTRANSFER, true);
// Make the call
$xml = curl_exec($session);
// The web service returns XML. Set the Content-Type appropriately
header("Content-Type: text/xml");
echo $xml;
curl_close($session);
?>

此请求失败的原因是您试图向其发出AJAX请求的远程域没有发送正确的CORS标头。因此浏览器将阻止该请求。您应该与bulksms.icubetech.com的管理员交谈,以便为您自己的域显式启用CORS。

这个问题显然与前端代码无关。您尝试访问的服务器应该允许来自其他域的请求。在您的情况下,bulksms.icubetech.com不允许来自域www.w3schools.com的CORS请求。

相关文章: