问题
Trying to make a cross origin call from one server to another server. Cant get it working. So made a test page with the code that works with this example http://arunranga.com/examples/access-control/preflightInvocation.html
Here is my example page with same code: http://webcosmo.com/test.html
However I am getting 403 forbidden error.
Anybody?
回答1:
Your resource is missing Access-Control-Allow-Origin header. Thus CORS won't work with it. Try adding this to your response headers:
Access-Control-Allow-Origin: *
Read this for more info about Access-Control-Allow-Origin header.
回答2:
if you add Access-Control-Allow-Origin: * then your instruction withCredentials wont work.
The best practice is to add direct origin from request.
In PHP you can use $_SERVER['HTTP_ORIGIN'];
p.s. also you can compare origins with your trusted domains and give limited access.
来源:https://stackoverflow.com/questions/14565618/cross-origin-resource-sharing-cors