{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 孤傲高冷的网名 的问题《XMLHttpRequest Access Control Allow Origin when ur》','https://www.manongdao.com/q-1096006.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
Sometimes when I submit ajax requests I get this error
XMLHttpRequest cannot load http://www.mysite.com/go/submit. Origin http://mysite.com is not allowed by Access-Control-Allow-Origin.
Here are solutions I thought about:
* Add the allow origin rule everywhere?
* Write .htaccess to always redirect to full url
* Use this method http://james.padolsey.com/javascript/cross-domain-requests-with-jquery/
How should I fix this problem?
The same origin policy means you cannot analyze data (json, html, image, etc.) that are coming from another "origin" (domain, port) than yours.
Note that
A solution is to set, on the server serving the other data, CORS headers explicitly allowing the access :
So you must have control of the server serving the data you embed as soon as you're not just displaying them.
A somewhat indirect solution is to let the browser think there is only one origin, by putting on your server a proxy. On apache you don't need .htaccess but
mod_proxy. If you want to install such a proxy, you may be interested by this SO question (in fact you'd probably be more interested by the answer which helped me set such a proxy on one of my servers).If your only problem is people typing mysite.com instead of www.mysite.com and you have only one server, you may simply use .htaccess to rewrite the URL :