设置Access-Control-Allow-Origin实现跨域HTTP请求
错误:
Failed to load xxx: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access.
背景:
在学习AngularJS的$http服务测试demo时出现该错误,demo实例:
<div ng-app="myApp" ng-controller="myCtrl"> <h1>服务器相应的信息为:</h1> <p>{{ responseMsg }}</p> </div> <script> var app = angular.module('myApp',[]); app.controller('myCtrl',function($scope,$http){ $http({ method: 'GET', url: 'http://www.flyroc.top:8001/server0project/hello' }).then(function successCallback(response) { $scope.responseMsg = response.data; }, function errorCallback(response) { }); }); </script>
解决:
目前的浏览器为了数据的安全,所有请求被严格限制在同一域名下,如果需要从不同的服务器(不同域名)上获取数据,那么需要使用跨域HTTP请求。
实现跨域的方式是在请求的目标网站后台中(以java servlet为例)添加如下代码:
response.setHeader("Access-Control-Allow-Origin","*"); //允许所有域名访问
response.setHeader("Access-Control-Allow-Methods", "POST,GET,OPTIONS,DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "x-requested-with,Authorization");
response.setHeader("Access-Control-Allow-Credentials", "true");
亲测只用response.setHeader("Access-Control-Allow-Origin","*");可以解决。