{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://www.manongdao.com/data/attach/logo/logo.png', '推荐 不美不萌又怎样 的问题《CORS request not working in Safari》','https://www.manongdao.com/q-1169105.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}
I am making a CORS xhr request. This works fine in chrome, however when I run in safari I get an 'Can not load ---- access not allowed by Access-control-allow-origin'. The code is exactly the same and I have set the CORS on the server. Below is my code.(has access control, but you are free to try without the accessToken)
var water;
var req = new XMLHttpRequest;
req.overrideMimeType("application/json");
req.open('GET', 'https://storage.googleapis.com/fflog/135172watersupplies_json', true);
req.setRequestHeader('Authorization', 'Bearer ' + accessToken);
origThis = this;
var target = this;
req.onload = function() {
water = req;
req.send(null);
After looking at the request headers I see that a OPTIONS request is made first and this is the request that is not allowed. The origin header is not included in the response in Safari, but is in chrome. What would cause this. Any help would be greatly appreciated.
UPDATE: I have tried in Safari for Windows and it works, so I'm not sure what is going on here. The mac that I am using is a remote access (Macincloud.com), but I don't think that would have anything to do with it.
I encountered the same error when making an XHR request against a file in Amazon S3. On Safari 7 it was failing. I know you're not using Amazon S3, but I thought I'd post in case this solution helped others.
The problem was that Safari 7 set the Access-Control-Request-Headers header to "origin, x-requested-with", but my AWS CORS configuration only allowed "x-requested-with":
I added "origin" as an allowed header and everything worked fine.
Note: the AllowedOrigin of
*is for development purposes only. See @andes comment below for more information.As for Amazon S3, it only worked in safari after I added more allowed headers, Content-Type and Range. One of these did the job.
In my case, it was an issue for Accept-Langauge header. I have added
Accept-LanguageinsideAccess-Control-Allow-Headersand it got resolved.try to remove overide mimetype.
For CORS request you should be using your origin
fflog.storage.googleapis.com. If you use commonstorage.googleapis.comorigin, any site can access to your bucket.have try try remove
overrideMimeType? If you set mime type, it will return correctly.I also have problem with Safari POST request, but no answer yet. GET is OK.
I just had a similar problem, CORS error. It would work in Firefox & Chrome but not Safari 10.
Turned out we needed to put the trailing slash on the JSON URL.