英文:
XMLHttpRequest cannot load localhost resource with security check is Chrome
问题
我在 OS X 10.11.4 上运行的 Chrome 版本是 49.0.2623.108(64 位)。
从终端运行以下命令:
> ls /tmp
wtf.jpg
> ps -ef | grep -i chrome | grep -v grep
<空行>
退出 Chrome 后,确保没有任何实例仍在运行。
然后我使用以下参数打开 Chrome,以跳过跨域检查:
> open /Applications/Google\ Chrome.app/ --args --allow-file-access-from-files"
我还尝试了:
> open /Applications/Google\ Chrome.app/ --args --disable-web-security"
现在,我运行了一个简单的 Go 服务器:
package main
import "net/http"
func main() {
panic(http.ListenAndServe(":8080", http.FileServer(http.Dir("/tmp"))))
}
最后,我将 Chrome 指向了 /tmp 中包含以下脚本的本地 HTML5 页面:
var req = new XMLHttpRequest();
req.open('GET', "localhost:8080/wtf.jpg");
req.onload = function() {
console.log("succeeded");
};
req.onerror = function() {
Error("Network Error");
};
req.send();
最终出现以下错误:
> XMLHttpRequest 无法加载 localhost:8080/wtf.jpg。跨域请求仅支持以下协议方案:http、data、chrome、chrome-extension、https、chrome-extension-resource。
有没有办法解决这个问题?
英文:
I have Chrome Version 49.0.2623.108 (64-bit) running on OS X 10.11.4.
From the Terminal:
I ran:
> ls /tmp
wtf.jpg
> ps -ef | grep -i chrome | grep -v grep
<empty line>
After quitting Chrome, just making sure no instances is still running.
Then I open Chrome with the following argument to skip cross origin check:
> open /Applications/Google\ Chrome.app/ --args --allow-file-access-from-files"
I also tried:
> open /Applications/Google\ Chrome.app/ --args --disable-web-security"
Now, I run the trivial go server:
package main
import "net/http"
func main() {
panic(http.ListenAndServe(":8080", http.FileServer(http.Dir("/tmp"))))
}
Then finally, I point Chrome to a local html5 page in /tmp containing this script:
var req = new XMLHttpRequest();
req.open('GET', "localhost:8080/wtf.jpg");
req.onload = function() {
console.log("succeeded");
};
req.onerror = function() {
Error("Network Error");
};
req.send();
To finish with this error:
> XMLHttpRequest cannot load localhost:8080/wtf.jpg. Cross origin
> requests are only supported for protocol schemes: http, data, chrome,
> chrome-extension, https, chrome-extension-resource.
Is there a way around this annoyance?
答案1
得分: 1
我通过更改两个地方解决了这个问题:
1)我将XMLHttpRequest.open中的不合格的“"localhost:8080/wtf.jpg"”更改为“"http://localhost:8080/wtf.jpg"”。这解决了Chrome的错误消息。
2)我更新了简单的Go服务器:
package main
import "net/http"
const PORT = ":8080"
func handler(w http.ResponseWriter, r *http.Request) {
if r.Method == "OPTIONS" {
w.Header().Set("Access-Control-Allow-Origin", "http://localhost"+PORT)
} else {
http.ServeFile(w, r, "wtf.html")
}
}
func main() {
panic(http.ListenAndServe(PORT, http.HandlerFunc(handler)))
}
这对于本地测试来说已经足够好了,但不适用于生产环境。
英文:
I solved this problem by changing two things:
-
I changed the underqualified
"localhost:8080/wtf.jpg"in my XMLHttpRequest.open to"http://localhost:8080/wtf.jpg". That solved the Chrome error message. -
I updated my simplistic go server:
package main
import "net/http"
const PORT = ":8080"
func handler(w http.ResponseWriter, r *http.Request) {
if r.Method == "OPTIONS" {
w.Header().Set("Access-Control-Allow-Origin", "http://localhost"+PORT)
} else {
http.ServeFile(w, r, "wtf.html")
}
}func main() {
panic(http.ListenAndServe(PORT, http.HandlerFunc(handler)))
}
That's not safe for production but good enough for local testing.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论