为什么 Chrome 会取消 CORS OPTION 请求

2022-01-15 00:00:00 cors google-chrome ajax

在我的应用程序中,我正在创建从 HTTP 到 HTTPS 的 AJAX 请求.这意味着我需要 CORS.因此,我向 jQuery.ajax 添加了一些标头和参数并对其进行了测试.在 Firefox 中一切正常,但在 Chrome 中却不行.Chrome 杀死"每个预请求的请求(选项).

in my app I'm creating AJAX request from HTTP to HTTPS. This means I need CORS. So I add some headers and params to jQuery.ajax and test it. In Firefox everythings works OK, but in Chrome not. Chrome "kill" every preflighed request (OPTIONS).

jQuery 脚本:

$(document).on('click', 'a.ajax', function(e) {
    e.preventDefault();
    $.ajax(this.href, {
        type: 'GET',
        dataType: 'json',
        crossDomain: false,
        headers: {'X-Requested-With': 'XMLHttpRequest'},
        xhrFields: {
            withCredentials: true
        }
    });
    return false;
});

HTTP 转储:

> OPTIONS /foo HTTP/1.1
> User-Agent: curl/7.29.0
> Host: local.bar.cz
> Accept: */*
> Access-Control-Request-Headers:accept, origin, x-requested-with
> Access-Control-Request-Method:GET
> Origin:http://local.bar.cz
> 
< HTTP/1.1 204
< Server: nginx/1.2.7
< Date: Wed, 27 Feb 2013 15:06:54 GMT
< Content-Type: text/html; charset=utf-8
< Connection: keep-alive
< X-Powered-By: Nette Framework
< X-Frame-Options: SAMEORIGIN
< Access-Control-Allow-Origin: http://local.bar.cz
< Access-Control-Allow-Credentials: true
< Access-Control-Allow-Headers: accept, origin, x-requested-with
< Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD
< 

有人知道为什么 chrome 会终止这个请求吗?

any one knows why chrome kill this request?

推荐答案

可能你的 https 服务器有一个不受信任的证书.如果是这样,请先尝试使用浏览器访问该 URL,并接受不受信任的连接.

Maybe your https server has an untrusted certificate. If so, try accessing to the URL with your browser first, and accepting the untrusted connection.

相关文章