CORS 请求在 Firefox 中无效,在 Chrome 和 Safari 中有效
CORS request won't work in Firefox, works in Chrome and Safari
这个 fiddle 在 Chrome 中工作正常但在 Firefox 中不工作:http://jsfiddle.net/u5pugnbn/
index.html
<!DOCTYPE html>
<html>
<head>
</head>
<body>
<input type="button" value="Get Data" onclick="getData()"/>
<h1 id="output"></h1>
</body>
<script src ="main.js"></script>
</html>
main.js
var API_URL = "http://andr3w321.pythonanywhere.com";
function getData() {
var output = document.getElementById('output');
var xhr = new XMLHttpRequest();
var url = API_URL + "/hello";
xhr.open("GET", url, true);
xhr.onload = function (e) {
if (xhr.readyState === 4) {
if (xhr.status === 200) {
output.innerHTML = xhr.responseText;
} else {
output.innerHTML = "Error: " + xhr.statusText;
}
}
};
xhr.onerror = function (e) {
output.innerHTML = "Error: " + xhr.statusText;
};
xhr.send();
}
Python 瓶子服务器文件
from bottle import default_app, route, run, template, static_file, url, get, redirect, response, request
# allow requests from other domains
def enable_cors(fn):
def _enable_cors(*args, **kwargs):
# set CORS headers
response.headers['Access-Control-Allow-Origin'] = '*'
response.headers['Access-Control-Allow-Methods'] = 'GET, POST, PUT, OPTIONS'
response.headers['Access-Control-Allow-Headers'] = 'Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token'
if request.method != 'OPTIONS':
# actual request; reply with the actual response
return fn(*args, **kwargs)
return _enable_cors
@route('/hello', method=['OPTIONS', 'GET'])
@enable_cors
def hello():
return "hello"
application = default_app()
将静态 index.html 上传到域并将 Allow-Origin
从 *
更改为特定域似乎没有帮助。
原来 Privacy badger 阻止了请求。在我访问 index.html 后禁用它后,它工作正常。
这个 fiddle 在 Chrome 中工作正常但在 Firefox 中不工作:http://jsfiddle.net/u5pugnbn/
index.html
<!DOCTYPE html>
<html>
<head>
</head>
<body>
<input type="button" value="Get Data" onclick="getData()"/>
<h1 id="output"></h1>
</body>
<script src ="main.js"></script>
</html>
main.js
var API_URL = "http://andr3w321.pythonanywhere.com";
function getData() {
var output = document.getElementById('output');
var xhr = new XMLHttpRequest();
var url = API_URL + "/hello";
xhr.open("GET", url, true);
xhr.onload = function (e) {
if (xhr.readyState === 4) {
if (xhr.status === 200) {
output.innerHTML = xhr.responseText;
} else {
output.innerHTML = "Error: " + xhr.statusText;
}
}
};
xhr.onerror = function (e) {
output.innerHTML = "Error: " + xhr.statusText;
};
xhr.send();
}
Python 瓶子服务器文件
from bottle import default_app, route, run, template, static_file, url, get, redirect, response, request
# allow requests from other domains
def enable_cors(fn):
def _enable_cors(*args, **kwargs):
# set CORS headers
response.headers['Access-Control-Allow-Origin'] = '*'
response.headers['Access-Control-Allow-Methods'] = 'GET, POST, PUT, OPTIONS'
response.headers['Access-Control-Allow-Headers'] = 'Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token'
if request.method != 'OPTIONS':
# actual request; reply with the actual response
return fn(*args, **kwargs)
return _enable_cors
@route('/hello', method=['OPTIONS', 'GET'])
@enable_cors
def hello():
return "hello"
application = default_app()
将静态 index.html 上传到域并将 Allow-Origin
从 *
更改为特定域似乎没有帮助。
原来 Privacy badger 阻止了请求。在我访问 index.html 后禁用它后,它工作正常。