0
我在Chrome(版本32.0.1700.77)中發出CORS請求時遇到問題。我確信正確的預檢標題正在發送,並且它們也在主要請求期間發送。我應該補充說我使用的jQuery $ .ajax的contentType參數設置爲「application/json」。 contentType參數的存在似乎引發了這個問題(因爲沒有它就可以正常工作)。訪問控制允許來源神祕
以下是OPTIONS請求的輸出。
HTTP/1.1 200 OK
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Authorization, Content-Type, X-Requested-With
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Content-Type: text/plain
Content-Length: 2
Date: Fri, 17 Jan 2014 04:58:43 GMT
Connection: keep-alive
下面是從主POST請求的輸出(401預計):
HTTP/1.1 401 Unauthorized
X-Powered-By: Express
Access-Control-Allow-Origin: *
Access-Control-Allow-Headers: Authorization, Content-Type, X-Requested-With
Access-Control-Allow-Methods: GET, POST, PUT, DELETE
Content-Type: application/json; charset=utf-8
Content-Length: 36
Date: Fri, 17 Jan 2014 05:00:05 GMT
Connection: keep-alive
的問題是,鉻不能識別訪問控制允許來源響應頭一段原因並在錯誤控制檯中顯示以下行:
XMLHttpRequest無法加載http://site1.dev:3000/api/v1/pathways。請求的資源上沒有「Access-Control-Allow-Origin」標題。原因'http://site2.dev:8000'因此不被允許訪問。
任何想法?