无法进行HTTPS XMLHttpRequest
请求 - 得到这个回:否“访问控制允许来源”为HTTPS头请求
Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://localhost:8443' is therefore not allowed access.
如果我www.google.com
更换网址,它的罚款,但https://www.google.com
做同样的事情。
它适用于我使用Postman/JaSON Chrome扩展时,所以我试过open -a Google\ Chrome --args --disable-web-security
,但那也不起作用。
let request = new XMLHttpRequest();
request.open("POST", "https://outlook.office365.com/EWS/Exchange.asmx", true);
request.setRequestHeader("Authorization", "Bearer " + asyncResult.value);
request.setRequestHeader("Content-type", "text/xml; charset=utf-8");
request.setRequestHeader('Access-Control-Allow-Origin', '*');
request.setRequestHeader("Access-Control-Allow-Headers", "Content-type, Origin");
request.setRequestHeader("Access-Control-Allow-Methods", "POST");
request.onload = function() {
};
request.onerror = function() {
debugger;
}
request.send(requestBody);
服务器设置CORs不是JavaScript – epascarello
我猜'outlook.office365.com'不是你的域名,出于安全原因你不能做交叉源AJAX *(除非**服务器**发送CORS *)。 – adeneo
@ adeneo是的,它现在来自'localhost',但仍然需要发送一个请求到'outlook.office365.com'来获取数据 – Kristin