的XMLHttpRequest的時候得到這個錯誤信息: Refused to set unsafe header "Origin"
拒絕設定不安全頭「原產地」使用谷歌瀏覽
使用此代碼:
function getResponse() {
document.getElementById("_receivedMsgLabel").innerHTML += "getResponse() called.<br/>";
if (receiveReq.readyState == 4 || receiveReq.readyState == 0) {
receiveReq.open("GET", "http://L45723:1802", true, "server", "server123"); //must use L45723:1802 at work.
receiveReq.onreadystatechange = handleReceiveMessage;
receiveReq.setRequestHeader("Origin", "http://localhost/");
receiveReq.setRequestHeader("Access-Control-Request-Origin", "http://localhost");
receiveReq.timeout = 0;
var currentDate = new Date();
var sendMessage = JSON.stringify({
SendTimestamp: currentDate,
Message: "Message 1",
Browser: navigator.appName
});
receiveReq.send(sendMessage);
}
}
我在做什麼錯?我在標題中缺少什麼來使CORS請求起作用?
我試圖消除receiveReq.setRequestHeader("Origin", ...)
呼叫,但隨後谷歌瀏覽器在我receiveReq.open()
調用拋出訪問錯誤...
爲什麼?
是的:只是刪除你的代碼,設置請求標題「Origin」 - 對我很好! –