Javascript 瓶子+;AngularJS-CORS拒绝工作
如您所见,我显式地指定了原点,但在控制台中,使用vanillaJavascript 瓶子+;AngularJS-CORS拒绝工作,javascript,python,angularjs,bottle,Javascript,Python,Angularjs,Bottle,如您所见,我显式地指定了原点,但在控制台中,使用vanilla$http服务和restanglar时出现了以下错误 应邮政要求: 无法加载XMLHttpRequest。请求的资源上不存在“Access Control Allow Origin”标头。因此,不允许访问源“” 尽管选项请求返回的结果很好 非常感谢您的帮助 编辑: 可以与XMLHttpRequest配合使用: Code: @route('/characteristicsToBestWeb', method='OPTIONS') de
$http
服务和restanglar
时出现了以下错误
应邮政要求:
无法加载XMLHttpRequest。请求的资源上不存在“Access Control Allow Origin”标头。因此,不允许访问源“”
尽管选项请求返回的结果很好
非常感谢您的帮助
编辑:
可以与XMLHttpRequest配合使用:
Code:
@route('/characteristicsToBestWeb', method='OPTIONS')
def respondToCharToBestQueryWebOptions():
response.headers['Access-Control-Allow-Origin'] = settings.allowed_web_origin
response.headers['Access-Control-Allow-Credentials'] = 'true'
# response.headers['Access-Control-Allow-Origin'] = '*'
response.headers['Access-Control-Allow-Methods'] = 'POST, OPTIONS'
response.headers['Access-Control-Allow-Headers'] = 'Origin, Accept,' \
' Content-Type,' \
' Cache-Control,' \
' Pragma,' \
' X-Requested-With,' \
' X-CSRF-Token'
@route('/characteristicsToBestWeb', method='POST')
def respondToCharToBestWebQuery():
response.headers['Access-Control-Allow-Origin'] = settings.allowed_web_origin
response.headers['Access-Control-Allow-Credentials'] = 'true'
# response.headers['Access-Control-Allow-Origin'] = '*'
response.headers['Access-Control-Allow-Methods'] = 'POST, OPTIONS'
response.headers['Access-Control-Allow-Headers'] = 'Origin, Accept,' \
' Content-Type,' \
' Cache-Control,' \
' Pragma,' \
' X-Requested-With,' \
' X-CSRF-Token'
render_response()
WT*-角度?试试这个:
var req = new XMLHttpRequest();
req.open("POST", API_ROOT + 'characteristicsToBest?cacheBuster=' + Math.random().toFixed(5) , true);
req.setRequestHeader("Content-Type", "application/json");
req.setRequestHeader("Cache-Control", "no-cache, must-revalidate");
req.setRequestHeader("Pragma", "no-cache");
req.onload = function(){
var response = this.response;
$scope.$apply(function(){
console.log(response)
})
}
req.send(JSON.stringify(reqData));
您是否查看了返回的实际标题?
@hook('after_request')
def enable_cors():
response.headers['Access-Control-Allow-Origin'] = '*'
response.headers['Access-Control-Allow-Methods'] = 'PUT, GET, POST, DELETE'
response.headers['Access-Control-Allow-Headers'] = 'Origin, Accept, Content-Type, X-Requested-With, X-CSRF-Token'