即使有数百个关于 CORS 的主题,我也找不到我想要的或没有任何东西可以帮助我解决我的问题。
我的情况是,
我有一个应用程序在 http://localhost:8011 上运行这需要消耗在另一台服务器上运行的一些服务,即 http://localhost:8022
我使用 jQuery(1.7.1) ajax 调用其他服务器中的服务,
var Request = '<?xml version="1.0" encoding="UTF-8"?> \
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> \
<SOAP-ENV:Body> \
<TicorRequest xmlns="urn:Ticor" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ServiceName="Quote_Gen"> \
<WorkDocuments> \
<Premium_details id="Premium_details_id_1"> \
<quote_components id="Quote_components_id_1"> \
<AAC_Membership>400000</AAC_Membership> \
<Adjustment_fee>2000</Adjustment_fee> \
</quote_components> \
</Premium_details> \
</WorkDocuments> \
</TicorRequest> \
</SOAP-ENV:Body> \
</SOAP-ENV:Envelope>';
var TicorService = $.ajax({
type: "POST",
processData: false,
url: "http://localhost:8022/axis/services/Ticor",
data: Request,
beforeSend: function(xhr){xhr.setRequestHeader('SOAPAction', 'urn:Ticor'); },
xhrFields: { withCredentials: false },
contentType: "text/xml; charset=\"utf-8\"",
crossDomain: true,
dataType: "xml",
success: function(data, status, req)
{
alert(data);
},
error: function(XMLHttpRequest, textStatus, errorThrown)
{
alert(errorThrown);
},
complete: function(XMLHttpRequest, textStatus)
{
}
});
- 但我在 Chrome 中收到以下错误消息。
XMLHttpRequest cannot load http://localhost:8022/axis/services/Ticor. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8011' is therefore not allowed access. The response had HTTP status code 200.
- 然后我尝试在 Tomcat 服务器(7.0.42)的 web.xml 文件中添加以下内容。
<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
<init-param>
<param-name>cors.allowed.origins</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.methods</param-name>
<param-value>GET,POST,HEAD,OPTIONS,PUT</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.headers</param-name>
<param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
</init-param>
<init-param>
<param-name>cors.exposed.headers</param-name>
<param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>
</init-param>
<init-param>
<param-name>cors.support.credentials</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>cors.preflight.maxage</param-name>
<param-value>10</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
- 添加以上内容后,我收到相同的错误消息,但响应的 HTTP 状态代码为 403
你能告诉我我在这里缺少什么吗?还是替代品?
最佳答案
我遇到了同样的问题,发现在 chrome 中请求本地主机上的不同来源时总是会出现此错误。我尝试在 IE 中运行,然后运行良好。我以前在 chrome 中运行的解决方案是禁用 CORS - chrome 上的安全性:
RUN --> Chrome.exe --disable-web-security
这里有一个引用,说 chrome 不支持 CORS 请求的本地主机,请参见链接:https://bugs.chromium.org/p/chromium/issues/detail?id=67743
另请参阅 stackoverflow 帖子:Deadly CORS when http://localhost is the origin
关于jquery - jQuery ajax 应用程序和 tomcat 服务器的 CORS 实现/启用?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/37181677/