我的“ .Access-Control-Allow-Origin”标头在我的.htaccess中不起作用?

时间:2019-01-19 11:33:10

标签: javascript cors apache2

当我试图从“ https://api.steampowered.com” API获取信息时,却出现了错误

Access to XMLHttpRequest at 'https://api.steampowered.com/ISteamUserStats/GetUserStatsForGame/v0002/?appid=730&key=<<MyKEY>>&steamid=<<MySteamID>>' from origin 'https://example.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

然后,我在AllowOverride中将all设置为apache2.conf,并将标头Header set Access-Control-Allow-Origin "https://api.steampowered.com"添加到位于/var/www/html的.htaccess中。 (我也尝试过Header set Access-Control-Allow-Origin "*") 在我用a2enmod headers重新启动Web服务器之后,我用/etc/init.d/apache2 restart启用了a2enmod标头。 但这仍然行不通。

我的.htaccess:

Header set Access-Control-Allow-Origin "*"

我的apache2.conf:

<Directory />
        Options FollowSymLinks
        AllowOverride None
        Require all denied
</Directory>

<Directory /usr/share>
        AllowOverride None
        Require all granted
</Directory>

<Directory /var/www/>
        Options Indexes FollowSymLinks
        AllowOverride all
        Require all granted
</Directory>

我的JavaScript代码:

$(document).ready(function () {
    $.getJSON('https://api.steampowered.com/ISteamUserStats/GetUserStatsForGame/v0002/?appid=730&key=<<MyKEY>>&steamid=<<MySteamID>>', function (data) {
        //My code with the data
    });
});

也许我需要将标题放置在其他位置?

1 个答案:

答案 0 :(得分:0)

您有一个网页https://api.steampowered.com/,其中包含一些JavaScript。

JavaScript希望从https://api.steampowered.com/中读取数据。

为此,https://example.com需要授予https://example.com的权限。

您已配置https://api.steampowered.com/来授予所有网站读取其数据的权限。

您尚未配置int num; num = in.nextInt(); String array[] = new String[num]; for (int i = 0; i < num; i++) { array[i] = in.next(); if (array[i].equals("hey guys")) System.out.println("hey guys"); else System.out.println("buzz"); } 来向任何人授予权限。 (至少我假设您不为Steam工作)。