我正在尝试通过HTTPS对我们托管的API执行json POST。但是我无法摆脱这个错误:
Failed to load https://api.hageman.nl/: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://docs.hageman.nl' is therefore not allowed access. The response had HTTP status code 504.
JS代码:
var xhr = new XMLHttpRequest(),
url = "https://api.hageman.nl",
environment = "test",
username = "demo",
password = "demo",
request, response;
xhr.open("POST", url, true);
xhr.setRequestHeader("Content-Type", "application/json");
xhr.setRequestHeader("Debug", "true");
xhr.setRequestHeader("Environment", environment);
xhr.setRequestHeader("Username", username);
xhr.setRequestHeader("Password", password);
xhr.onreadystatechange = function () {
if (xhr.readyState === 4 && xhr.status === 200) {
response = JSON.parse(xhr.responseText);
console.log(reponse);
}
};
request = JSON.stringify({
type: "administrations",
method: "fetch"
});
xhr.send(request);
https://api.hageman.nl上的.htaccess包含(用于开发):
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin *
Header set Access-Control-Allow-Headers *
</IfModule>
我也尝试在PHP文件中设置标题,但结果相同。
如果禁用HTTPS,脚本可以正常工作。但HTTPS是必须的!