为什么会在浏览器中出现cors问题而在Postman中出现?

时间:2016-05-19 23:13:59

标签: javascript jquery postman

编辑:这个被标记为副本的问题不是:

  • 解释对不存在的cors问题的错误报告
  • 让它在Postman中工作但不在浏览器中工作。

我有邮递员生成的请求。

    POST /tvs/v1/sign HTTP/1.1
Host: sp.auth.adobe.com
Content-Type: application/x-www-form-urlencoded

cdn=akamai&mediaToken=PHNpZ25hdHVyZUluZm8%2BSUJwRWFRbW8xSktzb1JSdkRuclpDaVJmSjNKdHk5SW9ZSmp2bklNQlpnRlIrSTUxWHVoWVR2U1RYOXB6R2FuTVl0R3RHdG9WT20zbnlPSHNPOWpLUTUrNEJtNXlTWTFnNmRzVjIrTmJoVDgwazhKV2dURlNSL3YwZWozbmVjNUxSQ084cVpZbDNpdjF0Z1BNY2ZkaEdtalorUlpaNGR2YmFCVTE5bUpRRFYwPTxzaWduYXR1cmVJbmZvPjxhdXRoVG9rZW4%2BPHNlc3Npb25HVUlEPjY4NzViYjljNTdmMTFkY2YzZTgxODk0MDdmNjQ5MmFlPC9zZXNzaW9uR1VJRD48cmVxdWVzdG9ySUQ%2BZ29sZjwvcmVxdWVzdG9ySUQ%2BPHJlc291cmNlSUQ%2BPCFbQ0RBVEFbPHJzcyB2ZXJzaW9uPSIyLjAiIHhtbG5zOm1lZGlhPSJodHRwOi8vc2VhcmNoLnlhaG9vLmNvbS9tcnNzLyI%2BPGNoYW5uZWw%2BPHRpdGxlPmdvbGY8L3RpdGxlPjxpdGVtPjx0aXRsZT5BVCZhbXA7VCBCeXJvbiBOZWxzb24gLSBSZCAxPC90aXRsZT48Z3VpZD4yMTc2OTwvZ3VpZD48L2l0ZW0%2BPC9jaGFubmVsPjwvcnNzPl1dPjwvcmVzb3VyY2VJRD48dHRsPjQyMDAwMDwvdHRsPjxpc3N1ZVRpbWU%2BMjAxNi0wNS0xOSAxNTo1NToyOCAtMDcwMDwvaXNzdWVUaW1lPjxtdnBkSWQ%2BQ2FibGV2aXNpb248L212cGRJZD48L2F1dGhUb2tlbj4%3D&resource=PHJzcyB2ZXJzaW9uPSIyLjAiIHhtbG5zOm1lZGlhPSJodHRwOi8vc2VhcmNoLnlhaG9vLmNvbS9t+cnNzLyI%2BPGNoYW5uZWw%2BPHRpdGxlPmdvbGY8L3RpdGxlPjxpdGVtPjx0aXRsZT5BVCZhbXA7VCBC+eXJvbiBOZWxzb24gLSBSZCAxPC90aXRsZT48Z3VpZD4yMTc2OTwvZ3VpZD48L2l0ZW0%2BPC9jaGFu+bmVsPjwvcnNzPg%3D%3D&url=http%3A%2F%2Fgolfstreameast.golfchannel.com%2Fnbc09%2F8188bb65-0b4e-4c80-b609-a5f2b5d63f95%2Fgolf-live-extra0519113845.ism%2Fmanifest(format%3Dm3u8-aapl-v4)

如果我从邮递员发送这封邮件,我会回来" token_expired"这就是我的期望。

但是,当我以jQuery形式生成此代码并通过浏览器触发它时,如下所示,我收到一个CORS错误:

XMLHttpRequest cannot load http://sp.auth.adobe.com/tvs/v1/sign. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://cms.devstream.nbcolympics.com:8080' is therefore not allowed access. The response had HTTP status code 403.

我使用带有--cors选项的http-server提供以下代码。我已经别名localhost。所以我输入alias:8080/index.html来访问我的托管文件。

问题是:为什么它在Postman中有效,而在我的浏览器中却无效?

代码:

var obj = {};
var endpoint = "http://sp.auth.adobe.com/tvs/v1/sign";
var sourceUrl;
function loadData(){
     obj.cdn = document.getElementById("cdn").value;
     obj.mediaToken = document.getElementById("mediaToken").value;
     obj.resource = document.getElementById("resource").value;
     obj.url = document.getElementById("url").value;

     var settings = {
      async: true,
      crossDomain: true,
      url: endpoint,
      method: "POST",
      headers: {
        "content-type": "application/x-www-form-urlencoded"
      },
      data: obj
    }

    $.ajax(settings).done(function (response) {
      console.log(response);
    });
}

1 个答案:

答案 0 :(得分:0)

这是假阳性(否定?)它实际上不是一个角色问题。

对于像这样的某些服务器,如果您通过产生200的数据发送,您将无法收回cors错误。你会得到你期望的回报。

如果你发送产生403的数据,浏览器可能会将其解释为错误的CORS错误,当它真的不是。

因此,如果您确定自己正确地做好了一切,请确保您发送的请求应该返回200.

相关问题
最新问题