问题描述
我尝试从跨域创建登录页面,但我无法解决问题,错误是:
代码是:
$('#login')。click(function(){var username = $('#uname')。val (); var password = $('#pass')。val(); var result = $('。result'); result.text('loading ....'); if(username!=''& ;& password!=''){var urltopass ='action = login& username ='+ username +'& password ='+ password; $ .ajax({type:'POST',data:urltopass,headers: Access-Control-Allow-Headers:Content-Type},url:'http://localhost/testing/resp.php',crossDomain:true,cache:false,success:function(responseText){console。 log(responseText); if(responseText ==0){result.text('incorrect login information');} else if(responseText ==1){window.location =http:// localhost / testing /home.php; } else {alert('sql query \\\
'+ responseText中的错误); }}}); } else return false; ://localhost/testing/resp.phprel =nofollow> http://localhost/testing/resp.php :
<?php includedb.php; //连接数据库if(!isset($ _ SERVER ['HTTP_ORIGIN'])){echo这不是跨域请求; exit;} header(Access-Control-Allow-Origin:*);头(Access-Control-Allow-Credentials:true); header(Access-Control-Allow-Methods:POST,GET,OPTIONS); (Access-Control-Allow-Headers:Content-Type,Authorization,X-Requested-With);标题('P3P:CP =CAO PSA OUR'); //使得IE支持cookie头(Content-Type:application / json; charset = utf-8); if(isset($ _ POST ['action'])&& $ _POST ['action'] =='login'){$ uname = $ _POST ['username']; $ pass = $ _POST ['password']; $ sql =SELECT * FROM loginajax WHERE username ='$ uname'AND password ='$ pass'; $ rs = $ conn-> query($ sql); if(mysqli_num_rows($ rs)
解决方案删除此:
:Content-Type},
服务器使用 Access-Control-Allow-Headers 标头进行响应,客户端不会将其发送服务器。
客户端发送一个 Access-Control-Request-Headers 请求允许某些标题,服务器用 Access-Control-Allow-Headers 来列出它允许的实际头。客户端不会要求允许哪些标头。
I am trying to make a login page from cross domain but I couldn't solve the problem, the error is:
My Javascript code is:
$('#login').click(function(){
var username = $('#uname').val();
var password = $('#pass').val();
var result = $('.result');
result.text('loading....');
if (username != '' && password !=''){
var urltopass = 'action=login&username='+username+'&password='+password;
$.ajax({
type: 'POST',
data: urltopass,
headers: {"Access-Control-Allow-Headers": "Content-Type"},
url: 'http://localhost/testing/resp.php',
crossDomain: true,
cache: false,
success: function(responseText){
console.log(responseText);
if(responseText== "0"){
result.text('incorrect login information');
} else if (responseText == "1"){
window.location="http://localhost/testing/home.php";
} else{
alert('error in sql query \n' + responseText);
}
}
});
} else return false;
});
The PHP code for http://localhost/testing/resp.php :
<?php
include "db.php"; //Connecting to database
if (!isset($_SERVER['HTTP_ORIGIN'])) {
echo "This is not cross-domain request";
exit;
}
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Credentials: true");
header("Access-Control-Allow-Methods: POST, GET, OPTIONS");
header("Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With");
header('P3P: CP="CAO PSA OUR"'); // Makes IE to support cookies
header("Content-Type: application/json; charset=utf-8");
if (isset($_POST['action']) && $_POST['action'] == 'login'){
$uname = $_POST['username'];
$pass = $_POST['password'];
$sql = "SELECT * FROM loginajax WHERE username='$uname' AND password='$pass'";
$rs=$conn->query($sql);
if (mysqli_num_rows($rs) <= 0){
echo "0";
} else {
echo "1";
}
} else echo "this is not Login";
?>
解决方案 remove this:
headers: {"Access-Control-Allow-Headers": "Content-Type"},
from your jQuery.ajax call.
The server responds with a Access-Control-Allow-Headers header, the client doesn't send it to the server.
The client sends a Access-Control-Request-Headers to request allowing certain headers, the server responds back with with a Access-Control-Allow-Headers that lists the actual headers its going to allow. The client does not get to demand what headers are allowed.
这篇关于请求头字段Access-Control-Allow-Headers在预检响应中不允许Access-Control-Allow-Headers的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!