Question

我有以下请求和回复。 Access allow control origin设置为*。

Remote Address:xx.xxx.xxx.xxx:xx
Request URL:http://api-test.example.com/api/v1/sample
Request Method:OPTIONS
Status Code:405 Method Not Allowed
Request Headersview source
Accept:*/*
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Access-Control-Request-Headers:accept, authorization
Access-Control-Request-Method:GET
Cache-Control:max-age=0
Connection:keep-alive
Host:api-test.example.com
Origin:http://test.example.com
Referer:http://test.example.com/Joblist.html
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_1) AppleWebKit/537.36 (KHTML, like GeChrome/34.0.1847.116 Safari/537.36

回应：

Response Headersview source
Access-Control-Allow-Methods:GET,PUT,POST,DELETE,OPTIONS
Access-Control-Allow-Origin:http:*
Allow:GET
Cache-Control:no-cache
Connection:keep-alive
Content-Length:76
Content-Type:application/json; charset=utf-8
Date:Tue, 15 Apr 2014 07:38:32 GMT
Expires:-1
Pragma:no-cache
Server:Microsoft-IIS/8.5
X-AspNet-Version:4.0.30319
X-Powered-By:ASP.NET

我已经使用了GET方法，但它正在转换为OPTIONS，如何解决这个问题？

这是调用函数：

$.ajax({ 
type: "GET", 
url: "api-test.example.com/api/v1/sample";, 
headers:{Authorization:authHeader}, 
dataType: "xml", 
success: function(xml) {

Answer 1

查看我的回答here ...

只要交叉来源请求中没有简单的标头，浏览器就会预先发出OPTIONS请求。当此OPTIONS请求发送到服务器时，服务器必须响应允许的标头，方法和起源以满足预检请求（并允许实际请求）。

Access-Control-Allow-Origin:http:*

http:*不符合允许来源的资格。它只支持*，null或确切的域。

here is some info

跨域问题，GET转换为OPTIONS

1 个答案: