使用nginx,我在sub.example.com提供了一个html文件,需要从example.com获取其json数据
但json没有加载。相反,在Chrome浏览器中,我得到:
The 'Access-Control-Allow-Origin' header has a value 'https://example.com' that is not equal to the supplied origin. Origin 'http://sub.example.com' is therefore not allowed access.
我该如何解决这个问题?
答案 0 :(得分:0)
您需要在example.com服务器上设置CORS标头,以允许域sub.example.com使用此资源,例如:
访问控制允许来源
add_header Access-Control-Allow-Origin "https://sub.example.com" always;
add_header Access-Control-Allow-Headers "Origin, Content-Type, Accept" always;
add_header Access-Control-Allow-Methods "GET, POST, PUT, OPTIONS, DELETE" always;
OR
add_header Access-Control-Allow-Origin "https://*.example.com" always;
add_header Access-Control-Allow-Headers "Origin, Content-Type, Accept" always;
add_header Access-Control-Allow-Methods "GET, POST, PUT, OPTIONS, DELETE" always;
您需要在处理Json的服务器中设置它。您可以在CORS中允许*,但不建议这样做。