正如你可以看到从这个Bugzilla的线程(和也),Firefox不总是在POST请求发送Origin标.RFC规定不应在某些未定义的"隐私敏感"上下文中发送它.Mozilla 在这里定义了这些上下文.
我想知道的是,这些是Firefox不会发送Origin标头的唯一情况.据我所知它也不会发送它在跨源POST请求(虽然Chrome和IE将),但我无法在文档中确认.它是否在我遗漏的地方列举?
谢谢.
我有一个项目,我正在尝试从数据处理程序下载一些制表符分隔值格式的数据,但是,Google Chrome 正在发送 Origin 标头值的空值。
\n\n当我导航到http://server.corp.somebiz.com/reportpages/Report_Page_Requests_Over_Time.aspx?app=76ac42b7-ba6f-4be4-b297-758ebc9fe615时,我看到了这一点
\n\nvar url = \'http://server.corp.somebiz.com/DataHandlers/ReportSets.ashx?task=pagerequestsovertime&app=188d1956-c4a7-42f7-9bdd-38f54c14e125&format=tsv\';\n\nd3.tsv(url, function(d) {\n d.date = parseTime(d.date);\n d.close = +d.close;\n return d;\n}, function(error, data) {\n if (error) throw error;\n\n console.log(\'Do stuff\');\n});\n以下是请求的原始标头:
\n\nGET /DataHandlers/ReportSets.ashx?task=pagerequestsovertime&app=786b5ef3-1389-4890-8004-533fd1f66f16&format=tsv HTTP/1.1\nHost: server.corp.somebiz.com\nConnection: keep-alive\naccept: text/tab-separated-values,*/*\nOrigin: null\nUser-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36\nAccept-Encoding: gzip, deflate, sdch\nAccept-Language: en-US,en;q=0.8\n这最终会在控制台上出现错误:
\n\nXMLHttpRequest cannot load http://server.corp.somebiz.com/DataHandlers/ReportSets.ashx?task=pagere\xe2\x80\xa66ac42b7-ba6f-4be4-b297-758ebc9fe615&start=2/1/2017&end=3/2/2017&format=tsv. The \'Access-Control-Allow-Origin\' header has a value \'http://server.corp.somebiz.com\' that is not equal to the supplied origin. …