我创建了一个api,用于接收来自其他域的表单中的帖子。当我在 标头部分
Content-Type:application/x-www-form-urlencoded
X-Requested-With:XMLHttpRequest
当我添加POST值时它起作用。但是当我将其添加到生产服务器时 阿贾克斯:
$.ajax({
type: "POST",
headers: {"Content-Type": "application/x-www-form-urlencoded","X-Requested-With": "XMLHttpRequest","Access-Control-Request-Headers": "*","Access-Control-Request-Method": "*"},
url: "https://sample/test/t/start",
data: frmData
}).done(function (data) {
console.log(data);
});
// XMLHttpRequest preflight request
var xhr = new XMLHttpRequest();
xhr.open("POST", "https://sample/test/t/start", true);
xhr.setRequestHeader("X-Requested-With", "XMLHttpRequest");
xhr.onload = function () {
console.log(xhr.responseText);
};
xhr.send();
// Fetch preflight request
var myHeaders = new Headers();
myHeaders.append("X-Requested-With", "XMLHttpRequest");
fetch("https://sample/test/t/start", {
headers: myHeaders
}).then(function (response) {
return response.json();
}).then(function (json) {
console.log(json);
});
这些是我从上面得到的错误
Access to XMLHttpRequest at 'https://sample/test/t/start' from origin 'https://otherdomain.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Access to fetch at 'https://sample/test/t/start' from origin 'https://otherdomain.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.