問題描述

我有這個代碼:

net.requestXHR = function() {
    this.xhr = null;
    if(window.XMLHttpRequest === undefined) {
        window.XMLHttpRequest = function() {
            try {
                // Use the latest version of the activex object if available
                this.xhr = new ActiveXObject("Msxml2.XMLHTTP.6.0");
            }
            catch(e1) {
                try {
                    // Otherwise fall back on an older version
                    this.xhr = new ActiveXObject("Mxsml2.XMLHTTP.3.0");
                }
                catch(e2) {
                    //Otherwise, throw an error
                    this.xhr = new Error("Ajax not supported in your browser");
                }
            }
        };
    }
    else
        this.xhr = new XMLHttpRequest();
}
net.requestXHR.prototype.post = function(url, data) {
    if(this.xhr != null) {
        this.xhr.open("POST", url);
        this.xhr.setRequestHeader("Content-Type", "application/json");
        this.xhr.send(data);
    }
}

    var rs = new net.requestSpeech();
    console.log(JSON.stringify(interaction));
    rs.post("http://localhost:8111", JSON.stringify(interaction));

當(dāng)發(fā)送執(zhí)行時，我有這個日志:

when the send execute, i have this log:

OPTIONS http://localhost:8111/ [HTTP/1.1 405 Method Not Allowed 74ms]

在 localhost:8111 我有一個接受 post 的 reslet serverResource，這是同源策略的問題嗎?我已經(jīng)修改了restlet以放置allow-origin標頭，并使用另一個GET http請求(在jquery中)對其進行測試并且工作正常.我解決了同源問題，因為我使用的是 html5 瀏覽器，并且我的服務(wù)器將標頭放入響應(yīng)中，那么為什么發(fā)送顯示此錯誤?為什么將 POST 更改為 OPTION?謝謝！

And in localhost:8111 i have a reslet serverResource that accept post, it is problem of same origin policy? i have modify the restlet to put the allow-origin header and i test it with another GET http request (in jquery) and work ok. I have the problem of same origin resolve because i use an html5 browser and my server put the headers in the response, so why the send shows me this error? why change POST for OPTION? Thanks!

可能重復(fù)?:我認為沒有，但確實如此，問題在于兩個問題都一樣，但我的問題是瀏覽器有問題，另一個首先指向jQuery.根據(jù)經(jīng)驗，時間不算重復(fù)，答案是不同的，但確實這兩個問題都是互補的彼此.

Possible duplicate?: I think no, but it's true, the problem is the same for both questions, but mine are refers since the question that there is an issue with the browser, and the other, first points to jquery. By experience the time does not count for duplicate, the answers are different but it's true that both questions complement each other.

推薦答案

是的，這是一個同源策略問題".您正在向不同的服務(wù)器或不同的端口發(fā)出請求，這意味著它是一個跨站點 HTTP 請求.以下是文檔對此類請求的說明:

Yes, this is a "problem with same-origin policy". You are making your request either to a different server or to a different port, meaning that it is a cross-site HTTP request. Here is what the documentation has to say about such requests:

另外，對于可能導(dǎo)致副作用的 HTTP 請求方法服務(wù)器的數(shù)據(jù)(特別是對于 GET 以外的 HTTP 方法，或POST 與某些 MIME 類型一起使用)，規(guī)范要求瀏覽器預(yù)檢"請求，從使用 HTTP OPTIONS 請求方法的服務(wù)器，然后，在來自服務(wù)器的批準"，發(fā)送帶有實際請求的實際請求HTTP 請求方法.

Additionally, for HTTP request methods that can cause side-effects on server's data (in particular, for HTTP methods other than GET, or for POST usage with certain MIME types), the specification mandates that browsers "preflight" the request, soliciting supported methods from the server with an HTTP OPTIONS request method, and then, upon "approval" from the server, sending the actual request with the actual HTTP request method.

CORS 標準(Cross-Origin Request with預(yù)檢"部分).您的服務(wù)器需要允許 OPTIONS 請求并使用 Access-Control-Allow-Origin、Access-Control-Allow-Headers 和Access-Control-Allow-Methods 標頭允許請求.然后瀏覽器將發(fā)出實際的 POST 請求.

There is a more detailed description in the CORS standard ("Cross-Origin Request with Preflight" section). Your server needs to allow the OPTIONS request and send a response with Access-Control-Allow-Origin, Access-Control-Allow-Headers and Access-Control-Allow-Methods headers allowing the request. Then the browser will make the actual POST request.

這篇關(guān)于XMLHttpRequest 將 POST 更改為 OPTION的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網(wǎng)！