拒绝设置不安全的标头“Origin"使用谷歌浏览器的 xmlHttpRequest 时

本文介绍了拒绝设置不安全的标头“Origin"使用谷歌浏览器的 xmlHttpRequest 时的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着跟版网的小编来一起学习吧！

问题描述

限时送ChatGPT账号..

收到此错误消息:拒绝设置不安全的标头Origin"

使用此代码:

   function getResponse() {
            document.getElementById("_receivedMsgLabel").innerHTML += "getResponse() called.<br/>";
            if (receiveReq.readyState == 4 || receiveReq.readyState == 0) {
                receiveReq.open("GET", "http://L45723:1802", true, "server", "server123");  //must use L45723:1802 at work.
                receiveReq.onreadystatechange = handleReceiveMessage;
                receiveReq.setRequestHeader("Origin", "http://localhost/");
                receiveReq.setRequestHeader("Access-Control-Request-Origin", "http://localhost");
                receiveReq.timeout = 0;
                var currentDate = new Date();
                var sendMessage = JSON.stringify({
                    SendTimestamp: currentDate,
                    Message: "Message 1",
                    Browser: navigator.appName
                });
                receiveReq.send(sendMessage);

            }
        }

我做错了什么?为了使这个 CORS 请求正常工作，我在标头中遗漏了什么?

What am I doing wrong? What am I missing in the header to make this CORS request work?

我尝试删除 receiveReq.setRequestHeader("Origin", ...) 调用，但 Google Chrome 在我的 receiveReq.open() 调用中引发访问错误...

I tried removing the receiveReq.setRequestHeader("Origin", ...) call but then Google Chrome throws an access error on my receiveReq.open() call...

为什么?

拒绝设置不安全的标头“Origin"使用谷歌浏览器的 xmlHttpRequest 时

问题描述

推荐答案

相关文档推荐