为什么铬取消CORS OPTION请求

本文介绍了为什么铬取消CORS OPTION请求的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！ 问题描述

在我的应用程序，我创建从HTTP AJAX请求到HTTPS。这意味着我需要CORS。所以，我想补充一些头，而params为jQuery.ajax并对其进行测试。在Firefox中逝去的工程确定，但在Chrome并非如此。 Chrome浏览器杀每preflighed请求（选项）。

in my app I'm creating AJAX request from HTTP to HTTPS. This means I need CORS. So I add some headers and params to jQuery.ajax and test it. In Firefox everythings works OK, but in Chrome not. Chrome "kill" every preflighed request (OPTIONS).

jQuery脚本：

$(document).on('click', 'a.ajax', function(e) { e.preventDefault(); $.ajax(this.href, { type: 'GET', dataType: 'json', crossDomain: false, headers: {'X-Requested-With': 'XMLHttpRequest'}, xhrFields: { withCredentials: true } }); return false; });

HTTP转储：

HTTP dump:

> OPTIONS /foo HTTP/1.1 > User-Agent: curl/7.29.0 > Host: local.bar.cz > Accept: */* > Access-Control-Request-Headers:accept, origin, x-requested-with > Access-Control-Request-Method:GET > Origin:local.bar.cz > < HTTP/1.1 204 < Server: nginx/1.2.7 < Date: Wed, 27 Feb 2013 15:06:54 GMT < Content-Type: text/html; charset=utf-8 < Connection: keep-alive < X-Powered-By: Nette Framework < X-Frame-Options: SAMEORIGIN < Access-Control-Allow-Origin: local.bar.cz < Access-Control-Allow-Credentials: true < Access-Control-Allow-Headers: accept, origin, x-requested-with < Access-Control-Allow-Methods: OPTIONS, GET, POST, HEAD <

任何人知道为什么镀铬杀了这一要求？

any one knows why chrome kill this request?

推荐答案

也许你的HTTPS服务器有一个不可信证书。如果是这样，尝试访问的URL与浏览器的第一，并接受不受信任的连接。

Maybe your https server has an untrusted certificate. If so, try accessing to the URL with your browser first, and accepting the untrusted connection.