发表新帖
发表新帖

CORS request not working in Safari

后端 未结
关注
13 1471
忘掉有多难
忘掉有多难 2020-11-27 06:04

I am making a CORS xhr request. This works fine in chrome, however when I run in safari I get an \'Can not load ---- access not allowed by Access-control-allow-origin\'.

相关标签:
13条回答
  • 轻奢々
    2020-11-27 06:31

    I just had a similar problem, CORS error. It would work in Firefox & Chrome but not Safari 10.

    Turned out we needed to put the trailing slash on the JSON URL.

    0 讨论(0)
  • 花落未央
    2020-11-27 06:34

    In my case, it was an issue for Accept-Language header. I have added Accept-Language inside Access-Control-Allow-Headers and it got resolved.

    0 讨论(0)
  • 遥遥无期
    2020-11-27 06:35

    I had the same problem where CORS worked in Chrome, but threw an origin error in Safari. Turned out it was a Kerberos authorization issue. When I loaded the XHR URL directly in Safari, I was prompted for credentials. After entering them, I returned to the original site, and Safari no longer had the CORS error.

    0 讨论(0)
  • 眼角桃花
    2020-11-27 06:35

    When I query your URL I'm getting back the following Access-Control headers:

    Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Authorization, Cache-Control, Content-Length, Date, Expires, Server, Transfer-Encoding, x-goog-meta-foo1

    I suspect it has something to do with your Access-Control headers - either you're leaving something out, or being too specific.

    Given that you're actually sending a custom header, you may want to try:

    Access-Control-Allow-Headers: *

    You could also see if leaving out Access-Control-Expose-Headers makes a difference.

    Beyond that, it would actually be helpful to see the actual request / response headers.

    0 讨论(0)
  • 轻奢々
    2020-11-27 06:37

    For CORS request you should be using your origin fflog.storage.googleapis.com. If you use common storage.googleapis.com origin, any site can access to your bucket.

    have try try remove overrideMimeType? If you set mime type, it will return correctly.

    I also have problem with Safari POST request, but no answer yet. GET is OK.

    0 讨论(0)
  • 感动是毒
    2020-11-27 06:37

    When I try

    curl -v -X OPTIONS \
  -H 'Origin: fflog.storage.googleapis.com' \
  -H 'Access-Control-Request-Method: GET'  \
  https://storage.googleapis.com/fflog/135172watersupplies_json

    I get, among other headers:

    Access-Control-Allow-Origin: *

    When I execute AJAX requests against https://storage.googleapis.com/fflog/135172watersupplies_json from Safari 6.0.4 on Mac OS 10.8.3 I get 403 errors, but they do all execute.

    So I can only guess that you are trying to send a credentialed request for which a wildcard Access-Control-Allow-Origin is not allowed.

    0 讨论(0)
 看不清?
提交回复
热议问题