应用程序位于&{39; http://192.168.1.5:8000',并且API服务器位于http://192.168.1.5:9000'。我尝试使用jQuery将带有cookie的GET请求发送到应用程序中的API服务器。
以下是完整的请求标头(从FireBug中提取):
GET /api/rooms HTTP/1.1
Host: 192.168.1.5:9000
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:37.0) Gecko/20100101 Firefox/37.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://192.168.1.5:8000
Origin: http://192.168.1.5:8000
Cookie: COOKIE=bf27f9f2-6bf8-4688-ac03-fc802653ce22
Connection: keep-alive
响应标题:
HTTP/1.1 200 OK
Cache-Control: no-cache
Pragma: no-cache
Allow: GET, OPTIONS, POST
Content-Type: application/json; charset=utf-8
Expires: -1
Server: Microsoft-IIS/8.5
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Allow-Headers: Content-Type, Depth, User-Agent, X-File-Size, X-Requested-With, If-Modified-Since, X-File-Name, Cache-Control
Date: Wed, 09 Dec 2015 15:33:50 GMT
Content-Length: 6670
jQuery代码:
$.ajax('http://192.168.1.5:9000/api', {
xhrFields: {
withCredentials: true
},
dataType: 'json',
crossDomain: true,
type: 'GET',
success: function (response) {
console.log(response);
}
});
虽然浏览器得到了响应(状态代码为200),但jQuery因跨域策略而停止。
如何解决此问题?需要更多标题?
答案 0 :(得分:0)
请注意,上面的响应标头使用通配符*作为allow origin标头,
但是CORS规范指出,对于支持凭证的请求,可能不会将通配符用于该标头(而是使用显式原点值作为接受原点值)。 CF:https://www.w3.org/TR/cors/#resource-requests
我希望信息有帮助, ..迈克布拉蒂