如何使用访问控制允许来源?
我想知道如何使用 Access-Control-Allow-Origin ?
事实上,我尝试将 xml 数据从远程文件加载到 html (到 a )中,但在请求期间出现此错误:
XMLHttpRequest 无法加载 http://www.mysite.net/douce/bonsplans.xml。 Access-Control-Allow-Origin 不允许来源 http://mysite.net。
谢谢您的回复
嗯,好的,所以我认为我不可能使用这种方法。这是我的源代码:
mypage.html :
<html lang="fr">
<head>
<title>monsite</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<script type="text/javascript" src="script.js"></script>
<SCRIPT TYPE="text/javascript">
function init(){
loadXMLDoc('http://www.monsite.net/bonsplans.xml');
}
</SCRIPT>
</head>
<body onload="init();" onunload="clear();">
<div id="bonplans" class="panel4" title="Bons plans">
<p style="text-align:left;"><font color="#4e559c" size="3px"><b>Dernières minutes :</b></font></p>
<div id="writeDernieresMinutes"></div>
<p style="text-align:left;"><font color="#4e559c" size="3px"><b>Offres permanentes :</b></font></p>
<div id="writeOffresPermanentes"></div>
</div>
</body>
</html>
这是 script.js 文件:
function loadXMLDoc(url)
{
if (window.XMLHttpRequest)
{// code for IE7+, Firefox, Chrome, Opera, Safari
xmlhttp=new XMLHttpRequest();
}
else
{// code for IE6, IE5
xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
}
xmlhttp.onreadystatechange=function()
{
if (xmlhttp.readyState==4 && xmlhttp.status==200)
{
dernieresminutes="";
x=xmlhttp.responseXML.documentElement.getElementsByTagName("DERNIEREMINUTE");
for (i=0;i<x.length;i++)
{
xx=x[i].getElementsByTagName("DATE");
{
try
{
dernieresminutes=dernieresminutes + "<fieldset><legend><font color='#4e559c' size='2px'>" + xx[0].firstChild.nodeValue + "</font></legend>";
}
catch (er)
{
dernieresminutes=dernieresminutes + "<p>erreur*</p>";
}
}
xx=x[i].getElementsByTagName("CONTENT");
{
try
{
dernieresminutes=dernieresminutes + "<div class=\"row\"><font color='blue' size='3px'><center>" + xx[0].firstChild.nodeValue + "</center></font>";
}
catch (er)
{
dernieresminutes=dernieresminutes + "<p>erreur*</p>";
}
}
dernieresminutes=dernieresminutes + "</font></div></fieldset>";
}
document.getElementById('writeDernieresMinutes').innerHTML=dernieresminutes;
}
{
OffresPermanentes="";
x=xmlhttp.responseXML.documentElement.getElementsByTagName("OFFREPERMANENTE");
for (i=0;i<x.length;i++)
{
xx=x[i].getElementsByTagName("TITRE");
{
try
{
OffresPermanentes=OffresPermanentes + "<fieldset><legend><font color='#4e559c' size='2px'>" + xx[0].firstChild.nodeValue + "</font></legend>";
}
catch (er)
{
OffresPermanentes=OffresPermanentes + "<p>erreur*</p>";
}
}
xx=x[i].getElementsByTagName("CONTENT");
{
try
{
OffresPermanentes=OffresPermanentes + "<div class=\"row\"><font color='blue' size='3px'><center>" + xx[0].firstChild.nodeValue + "</center></font>";
}
catch (er)
{
OffresPermanentes=OffresPermanentes + "<p>erreur*</p>";
}
}
OffresPermanentes=OffresPermanentes + "</font></div></fieldset>";
}
document.getElementById('writeOffresPermanentes').innerHTML=OffresPermanentes;
}
}
xmlhttp.open("POST",url,true);
xmlhttp.send();
}
function getXhr(){
var xhr = null;
if(window.XMLHttpRequest) // Firefox et autres
xhr = new XMLHttpRequest();
else if(window.ActiveXObject){ // Internet Explorer
try {
xhr = new ActiveXObject("Msxml2.XMLHTTP");
} catch (e) {
xhr = new ActiveXObject("Microsoft.XMLHTTP");
}
}
else { // XMLHttpRequest non supporté par le navigateur
alert("Votre navigateur ne supporte pas les objets XMLHTTPRequest...");
xhr = false;
}
return xhr
}
所以我事实上,在加载 mapage.html 期间,脚本必须从远程源加载 xml 文件,解析它并将内容写入这 。
I would like to know how do i use Access-Control-Allow-Origin ?
In fact, i try to load xml data from a distant file into a html (into a ) but i have this mistake during the request :
XMLHttpRequest cannot load http://www.mysite.net/douce/bonsplans.xml. Origin http://mysite.net is not allowed by Access-Control-Allow-Origin.
Thanks for your reply
Mmmm, ok, so i think that is not possible for me to use this method. Here is my source code :
mypage.html :
<html lang="fr">
<head>
<title>monsite</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<script type="text/javascript" src="script.js"></script>
<SCRIPT TYPE="text/javascript">
function init(){
loadXMLDoc('http://www.monsite.net/bonsplans.xml');
}
</SCRIPT>
</head>
<body onload="init();" onunload="clear();">
<div id="bonplans" class="panel4" title="Bons plans">
<p style="text-align:left;"><font color="#4e559c" size="3px"><b>Dernières minutes :</b></font></p>
<div id="writeDernieresMinutes"></div>
<p style="text-align:left;"><font color="#4e559c" size="3px"><b>Offres permanentes :</b></font></p>
<div id="writeOffresPermanentes"></div>
</div>
</body>
</html>
And here is the script.js file :
function loadXMLDoc(url)
{
if (window.XMLHttpRequest)
{// code for IE7+, Firefox, Chrome, Opera, Safari
xmlhttp=new XMLHttpRequest();
}
else
{// code for IE6, IE5
xmlhttp=new ActiveXObject("Microsoft.XMLHTTP");
}
xmlhttp.onreadystatechange=function()
{
if (xmlhttp.readyState==4 && xmlhttp.status==200)
{
dernieresminutes="";
x=xmlhttp.responseXML.documentElement.getElementsByTagName("DERNIEREMINUTE");
for (i=0;i<x.length;i++)
{
xx=x[i].getElementsByTagName("DATE");
{
try
{
dernieresminutes=dernieresminutes + "<fieldset><legend><font color='#4e559c' size='2px'>" + xx[0].firstChild.nodeValue + "</font></legend>";
}
catch (er)
{
dernieresminutes=dernieresminutes + "<p>erreur*</p>";
}
}
xx=x[i].getElementsByTagName("CONTENT");
{
try
{
dernieresminutes=dernieresminutes + "<div class=\"row\"><font color='blue' size='3px'><center>" + xx[0].firstChild.nodeValue + "</center></font>";
}
catch (er)
{
dernieresminutes=dernieresminutes + "<p>erreur*</p>";
}
}
dernieresminutes=dernieresminutes + "</font></div></fieldset>";
}
document.getElementById('writeDernieresMinutes').innerHTML=dernieresminutes;
}
{
OffresPermanentes="";
x=xmlhttp.responseXML.documentElement.getElementsByTagName("OFFREPERMANENTE");
for (i=0;i<x.length;i++)
{
xx=x[i].getElementsByTagName("TITRE");
{
try
{
OffresPermanentes=OffresPermanentes + "<fieldset><legend><font color='#4e559c' size='2px'>" + xx[0].firstChild.nodeValue + "</font></legend>";
}
catch (er)
{
OffresPermanentes=OffresPermanentes + "<p>erreur*</p>";
}
}
xx=x[i].getElementsByTagName("CONTENT");
{
try
{
OffresPermanentes=OffresPermanentes + "<div class=\"row\"><font color='blue' size='3px'><center>" + xx[0].firstChild.nodeValue + "</center></font>";
}
catch (er)
{
OffresPermanentes=OffresPermanentes + "<p>erreur*</p>";
}
}
OffresPermanentes=OffresPermanentes + "</font></div></fieldset>";
}
document.getElementById('writeOffresPermanentes').innerHTML=OffresPermanentes;
}
}
xmlhttp.open("POST",url,true);
xmlhttp.send();
}
function getXhr(){
var xhr = null;
if(window.XMLHttpRequest) // Firefox et autres
xhr = new XMLHttpRequest();
else if(window.ActiveXObject){ // Internet Explorer
try {
xhr = new ActiveXObject("Msxml2.XMLHTTP");
} catch (e) {
xhr = new ActiveXObject("Microsoft.XMLHTTP");
}
}
else { // XMLHttpRequest non supporté par le navigateur
alert("Votre navigateur ne supporte pas les objets XMLHTTPRequest...");
xhr = false;
}
return xhr
}
So i fact, during the loading of mapage.html, the script must load the xml file from a distant source, parse it and write the content into the .
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
在 mysite.net 的响应中,它必须包含一个标头:
Access-Control-Allow-Origin: [domain from where you call](所以,如果您是 thissite.com ,它将是
Access-Control-Allow-Origin: thissite.com)或
Access-Control-Allow-Origin: *(这将允许所有人)。如果您不运行 mysite.net,则无法执行此操作,您必须采用其他方法来获取此数据。 (除非您可以让他们以 JSONP 形式提供数据,否则最好的选择是编写服务器端代码来检索它,该代码与您想要在其中呈现的 HTML 文件在同一域上运行,然后使用 XHR 来获取该数据数据。)
如果您需要帮助向服务器响应添加标头,我们需要知道您正在使用什么 HTTP 服务器,以及您是否正在使用与之结合的任何类型的脚本语言。
In the response from mysite.net it would have to include a header with:
Access-Control-Allow-Origin: [domain from where you're calling](So, if you're thissite.com, it would be
Access-Control-Allow-Origin: thissite.com)or
Access-Control-Allow-Origin: *(this would allow from all).If you don't run mysite.net then there is no way to do this and you'll have to come with alternate means to obtain this data. (Unless you can get them to supply the data in JSONP, your best bet is to write server side code to retrieve it that runs on the same domain as the HTML file you want to present it in, and then use an XHR to obtain that data.)
If you need help adding headers to server responses, we need to know what HTTP server you're using and if you're using any sort of scripting language in conjunction with that.