可以通过JavaScript实现跨站点XMLHttpRequest吗?
我理解这些限制以及为什么它通常不能正常工作,但是从Firefox 3.5开始就有了
Access-Control-Allow-Origin: *
应该允许这个工作.
它告诉浏览器服务器不关心是否从未提供页面的域发送请求.
我正在使用的代码如下.
function sendData(webservicePayload, callbackFunction) {
var request = null;
if (!window.XMLHttpRequest) { // code for IE
try {
request = new ActiveXObject('Msxml2.XMLHTTP');
} catch (e) {
try {
request = new ActiveXObject('Microsoft.XMLHTTP');
} catch (E) {
return 'Create XMLHTTP request IE';
}
}
} else { // code for Mozilla, etc.
request = new XMLHttpRequest();
}
/*
* Setup the callback function
*/
request.onreadystatechange = function() {
if (request.readyState == 4 && request.status …在这个问题中使用pluploader失败后,我现在正在尝试FineUploader.
在阅读了CORS之后,我在IIS6服务器上实现了各种标头.
似乎发生的事情是我的脚本触发了第一个(preflight)授权请求,该请求失败了,但Chrome允许第二个(standard)请求无论如何都要发送 - Firefox没有.我认为这实际上是代表Chrome的一个错误,但至少它让我能够确定我的脚本可能正常工作.
这是Chrome和FF中的第一个(预检)请求:
OPTIONS /frog/LOTS/upload/php.php HTTP/1.1
Host: staff.curriculum.local
User-Agent: Mozilla/5.0 (Windows NT 6.1; rv:14.0) Gecko/20100101 Firefox/14.0.1
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-us,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Origin: http://frogserver.curriculum.local
Access-Control-Request-Method: POST
Access-Control-Request-Headers: cache-control,x-requested-with
Pragma: no-cache
Cache-Control: no-cache
Access-Control...标题是我添加到IIS 的标题.
以下是我的回复标题:
HTTP/1.1 403 Forbidden
Content-Length: 1758
Content-Type: text/html
Server: Microsoft-IIS/6.0
x-powered-by: ASP.NET
Access-Control-Allow-Origin: http://frogserver.curriculum.local
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Cache-Control
Access-Control-Allow-Methods: OPTIONS, GET, POST
Access-Control-Expose-Headers: Origin, X-Requested-With …ajax ×1
browser ×1
cors ×1
cross-domain ×1
http-headers ×1
iis ×1
javascript ×1
jquery ×1
php ×1