Access-Control-Allow-Origin of cross-domain login of Json

Others 2020-04-15 08:38:50 views: null

Cross-domain calling json problem

In my spare time, I made a blog site. After the site released the network, the program function was completed. Finally, I found a cross-domain problem. For example, I used abc.com to open the system. I tried again using www.abc.com, and found that some font files or references to external css files failed to request

Font from origin 'http://lovefeel.top' has been blocked from loading by Cross-Origin Resource Sharing policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://www.lovefeel.top' is therefore not allowed access.

Browser debugging errors are as follows:

Solutions under IIS

# 在IIS添加如下标头即可
Access-Control-Allow-Headers:Content-Type, api_key, Authorization
Access-Control-Allow-Origin:*


Open IIS, find the "HTTP response header" and click in,

You can see the addition on the right, and then add the following header


It is recommended to write both rules at the same time, and some netizens only write Access-Control-Allow-Origin: * It is solved, the file request is normal.

Nginx server

Add the address allowed by Access-Control-Allow-Origin through the Nginx module HttpHeadersModule.

Modify nginx.conf in the Nginx conf directory, add the following code

location ~* \.(eot|ttf|woff|svg|otf)$ {
     add_header Access-Control-Allow-Origin *;
}

// eot|ttf|woff|svg|otf,表示请求后缀类型,也可以直接写如下代码

location / {  
  add_header Access-Control-Allow-Origin *;  
}

Apache server

If the server is Apache, you can configure it as follows:

<IfModule mod_setenvif.c>  
    <IfModule mod_headers.c>  
        <FilesMatch "\.(cur|gif|ico|jpe?g|png|svgz?|webp)$">  
            SetEnvIf Origin ":" IS_CORS  
            Header set Access-Control-Allow-Origin "*" env=IS_CORS  
        </FilesMatch>  
    </IfModule>  
</IfModule>

References: http://www.bubuko.com/infodetail-1022595.html

http://www.mamicode.com/info-detail-470472.html

Apache official documentation: http://tomcat.apache.org/tomcat-7.0-doc/config/filter.html#CORS_Filter

In addition, there are some cross-domain security issues, etc., please refer to Daniel ’s article for details

Ajax Cross-Domain, Json Cross-Domain, Socket Cross-Domain, and Canvas Cross-Domain, etc. Same Origin Policy Restrictions : http://blog.csdn.net/freshlover/article/details/44223467

Guess you like

Origin www.cnblogs.com/zoomla/p/12702830.html
Recommended
The number of MaxKB GitHub Stars, an open source knowledge base question and answer system based on large language models, exceeded 5,000!
Ranking
Getting the basic concepts of ROS + catkin Profile
Spring Learning (2) --- Assembling Beans in the IoC Container
js to get the src attribute of the image regularly
STM32 is based on CubeIDE and HAL library basics entry study notes: Bluetooth WIFI STM32 connects to Alibaba Cloud
Short video learning - 3, pandas simple use of pivot_table
Print directory of project configuration log, output log
Understand the difference between vi and vim in Linux in 3 minutes
1 + x certificate Web front-end development HTML5 special exercises
mangodb save and insert the difference
7-1 Family tree processing (50 points) (binary tree solution)
Daily
More
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)

Code World

© 2018 codetd.com