Fatal编程技术网
  • ios/
  • Ios Safari上的CORS问题-尽管设置了允许来源

Ios Safari上的CORS问题-尽管设置了允许来源

ios api safari cors

Ios Safari上的CORS问题-尽管设置了允许来源,ios,api,safari,cors,Ios,Api,Safari,Cors,我正在处理一个非常随机的CORS问题。这似乎只发生在狩猎中。有时错误会随机消失——我不会在服务器上做任何更改。我得到以下错误: Origin https://example.com is not allowed by Access-Control-Allow-Origin. XMLHttpRequest cannot load https://app.example.com/wp-json/jwr/v1/post/some-page?lang=en&base=http:%2F%2Fexa

我正在处理一个非常随机的CORS问题。这似乎只发生在狩猎中。有时错误会随机消失——我不会在服务器上做任何更改。我得到以下错误:

Origin https://example.com is not allowed by Access-Control-Allow-Origin.
XMLHttpRequest cannot load https://app.example.com/wp-json/jwr/v1/post/some-page?lang=en&base=http:%2F%2Fexample.com due to access control checks.
如果我选择将请求复制为一个CURL来检查响应头,那么我将获得
访问控制allow origin
,并具有正确的origin()——甚至设置了allowed cors头。这是我的卷发:

curl -I 'https://app.example.com/wp-json/jwr/v1/post/some-page?lang=en&base=http:%2F%2Fexample.com' \
-XGET \
-H 'Accept: application/json, text/plain, */*' \
-H 'Origin: https://example.com' \
-H 'Referer: https://example.com/product/iii-2' \
-H 'User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_4_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1 Mobile/15E148 Safari/604.1'
答复是:

HTTP/2 200
date: Sun, 31 May 2020 12:23:08 GMT
content-type: application/json; charset=UTF-8
content-length: 45
set-cookie: __cfduid=d6a204fcbe29745154f0a50e4d8700bde1590927787; expires=Tue, 30-Jun-20 12:23:07 GMT; path=/; domain=.example.com; HttpOnly; SameSite=Lax; Secure
x-powered-by: PHP/7.3.18
x-robots-tag: noindex
link: <https://example.com/wp-json/>; rel="https://api.w.org/"
x-content-type-options: nosniff
access-control-expose-headers: X-WP-Total, X-WP-TotalPages
allow: GET
access-control-allow-origin: https://example.com
access-control-allow-methods: POST, GET, OPTIONS, DELETE
access-control-allow-credentials: true
access-control-allow-headers: Accept, Accept-Encoding, Accept-Language, Authorization, Cache-Control, Pragma, Content-Type, Origin, Referer, Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site, User-Agent
vary: Origin,User-Agent
x-litespeed-cache-control: no-cache
alt-svc: h3-27=":443"; ma=86400
cache-control: max-age=691200
cf-cache-status: MISS
cf-request-id: 030c489e8d0000d87990a6a200000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 59c0aa10ef1dd879-CPH
在您收到CORS消息的情况下,响应的HTTP状态代码是什么?这是4xx还是5xx错误,而不是200 OK成功响应?嘿@sideshowbarker,是200。我在失败的网络请求上单击了“复制到CURL”,然后当我使用CURL时,它可以正常工作。您在开发人员控制台中看到任何相关内容吗?您可以使用
-X选项执行请求,而不是
获取
?有一个执行的飞行前请求(选项)。如果失败,它将显示相同/类似的消息。下面是一个使用自定义原点执行选项请求并显示返回标题的简单示例:
curl-I-X OPTIONS-H“origin:example.net”https://app.example.net/wp-json/your-url“
另一个重要配置可能是您的CloudFront设置。可以添加您的CF行为设置吗?特别是:
允许的HTTP方法
缓存的HTTP方法
基于选定的请求头进行缓存
。我猜您在您的发行版中允许
选项
请求。如果您为代码< >选项>代码>请求设置缓存,那么我也会考虑基于选定的请求标题< /COD>设置将“原点”添加到您的代码>缓存中。

curl -I 'https://app.thejewelleryroom.com/wp-json/jwr/v1/products/small-ice-cream-necklace?cacheKey=1&lang=en&base=https:%2F%2Fthejewelleryroom.com' \
-XGET \
-H 'Accept: application/json, text/plain, */*' \
-H 'Origin: https://thejewelleryroom.com' \
-H 'Referer: https://thejewelleryroom.com/' \
-H 'User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1 Safari/605.1.15'