我正在从不同于发送GET的服务器检索图像文件,我得到了两个文件,一个位于/var/www/html/test/image1.png的另一个服务器上,另一个文件位于/var/www/html/test/inside/image2.png。我得到的文件是这样的。我知道网址http://xxx.xxx.xx/test/image1.png和http://xxx.xxx.xx/test/inside/image2.png然后我做这个
function convertToDataURLviaCanvasBOTH(url, callback, outputFormat){
var img = new Image();
img.crossOrigin = 'Anonymous';
img.onload = function(){
var canvas = document.createElement('CANVAS');
var ctx = canvas.getContext('2d');
var dataURL;
canvas.height = this.height;
canvas.width = this.width;
ctx.drawImage(this, 0, 0);
dataURL = canvas.toDataURL(outputFormat);
callback(dataURL);
canvas = null;
};
img.src = url;
}
url1 = http://xxx.xxx.xx/test/image1.png;
url2 = http://xxx.xxx.xx/test/inside/image2.png
data1 = convertToDataURLviaCanvasBOTH(url1);
data2 = convertToDataURLviaCanvasBOTH(url2);
data1工作得很好,我把它拿回来了,但当它为url2疲劳时,它失败了,我得到了错误
Image from origin 'http://xxx.xx.xx.x' has been blocked from loading by Cross-Origin Resource Sharing policy: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://sending-server.com' is therefore not allowed access.
当第二个只在第一个的子文件夹中时,为什么它适用于第一个而不适用于第二个?
在根文件目录下,我还有
Header always set Access-Control-Allow-Origin "http://sending-server.com"
Header always set Access-Control-Allow-Headers "origin, x-requested-with, content-type"
Header always set Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"
在.htaccess文件中,它应该始终发送头
以下是url1 的请求标头
Accept:image/webp,image/*,*/*;q=0.8
Accept-Encoding:gzip, deflate, sdch
Accept-Language:en-US,en;q=0.8
Connection:keep-alive
Host:192.67.64.41
If-Range:"1083f-52648757feb05"
Origin:http://sending-server.com
Range:bytes=2596-2596
Referer:http://sending-server.com/info.html
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36
以及来自url2 的请求标头
Provisional headers are shown //THERE IS A WARING SYMBOL ON THIS LINE
Accept:image/webp,image/*,*/*;q=0.8
Origin:http://sending-server.com
Referer:http://sending-server.com/info.html
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.73 Safari/537.36
X-DevTools-Emulate-Network-Conditions-Client-Id:A760326C-C02F-41C6-A4F6-4B46AA7BC1C3
感谢
我不知道.htaccess的确切设置,但.htaccess的正确设置是:
<FilesMatch "'.(php)$">
<IfModule mod_headers.c>
Header set Access-Control-Allow-Methods: POST, GET, OPTIONS
........
</IfModule>
</FilesMatch>
当执行某些类型的跨域AJAX请求时,支持CORS的现代浏览器会插入一个额外的"preflight"请求,以确定他们是否有执行该操作的权限。
OPTIONS /
Host: bar.com
Origin: http://foo.com
如果bar.com愿意接受该操作,它可能会用以下标题进行响应:
Access-Control-Allow-Origin: http://foo.com
Access-Control-Allow-Methods: PUT, DELETE
如果它不工作,请告诉我