我在制作跨站点ajax调用时遇到问题。使用nginx,我相信我已经在服务器配置中添加了正确的头文件,但它仍然不能在我的JS代码或控制台中工作。我想知道我做错了什么。即使使用Access-Control-Allow-Origin标头,XMLHttpRequest CORS请求失败
这是我键入到控制台的响应是我们熟悉的“否‘访问控制允许来源’标头存在”错误:
$.get("//www.example.com");
Object {readyState: 1, getResponseHeader: function, getAllResponseHeaders: function, setRequestHeader: function, overrideMimeType: function…}
XMLHttpRequest cannot load http://www.example.com/. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://dictionary.aherriot.com' is therefore not allowed access.
当我看从响应头我初始网页加载,我看到下面的标题:
Access-Control-Allow-Credentials:true
Access-Control-Allow-Headers:X-Requested-With,Accept,Content-Type, Origin
Access-Control-Allow-Methods:GET, POST, OPTIONS, PUT, DELETE
Access-Control-Allow-Origin:*
,这里是站点的nginx的配置文件:
server {
listen 80;
root /home/aherriot/sites/dictionary;
index index.html index.htm;
server_name dictionary.aherriot.com;
location/{
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE';
add_header 'Access-Control-Allow-Headers' 'X-Requested-With,Accept,Content-Type, Origin';
}
}
我很难过,因为我失踪了。我还需要做什么来允许CORS?谢谢。