header("Access-Control-Allow-Origin:*");,但是為什麼前端使用js請求時還是出現
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://nichijou.org/x. (Reason: CORS header 'Access-Control-Allow-Origin' missing). Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://nichijou.org/x. (Reason: CORS request failed).我在後端已經添加了header("Access-Control-Allow-Origin:*");,但是為什麼前端使用js請求時還是出現
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://nichijou.org/x. (Reason: CORS header 'Access-Control-Allow-Origin' missing). Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://nichijou.org/x. (Reason: CORS request failed).
很多瀏覽器都已經不支援使用 * 來設定 Access-Control-Allow-Origin 了,正常的做法是 header("Access-Control-Allow-Origin:".$_SERVER['HTTP_HOST']);
如果需要傳遞 COOKIE 的話還需要搭配 Access-Control-Allow-Credentials: true 這個頭使用。具體可以看文檔:https://developer.mozilla.org/en-US/docs/Web/HTTP/Server-Side_Access_Control
什麼瀏覽器啊,版本號碼都列出來
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
