error Access-Control-Allow-Origin header on codeig

2020-07-23 05:32发布

站内问答 / PHP
1895 3 5

i am getting the error of XMLHttpRequest cannot load, No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://abc' is therefore not allowed access.. i am very new in php and codeigniter and so i cannot really understand what is going on. i tried reading other materials here in stackoverflow but it just left me blank. I am sorry if this is a duplicate post to you but I really need help.

here is the ajax call for the view:

$("#btnLoginFB").click(function()
{       
$.ajax({
     type: "POST",
     url: '<?php echo base_url();?>Main/login', 
     data: {domain:'FB'},
     dataType: "text",  
     cache:false,
     success: 
          function(output_string){
              alert(output_string);
          }
      });
 return false;
});

and here is the functions in the controller

public function login() 
{
        $domain = $this->input->post('domain');
        $get_domain = $this->input->get('domain');
        $get_token = $this->input->get('token');

        if ((!empty($get_domain)) && (!empty($get_token)))
        {   
            $this->getmasterid();       
        }
        else
        {
            $this->getticket($domain);
        }
}

public function getsomething($domain)
{

    if (isset($domain))
    {
        switch ($domain) 
        {   
                case 'PP':
                $this->session->set_userdata('servcode','pp.login');
                $this->session->set_userdata('servsiggy','adgjanlnadgakjdbakg');
                $this->session->set_userdata('domain','pp');
                break;
            case 'FB':
                $this->session->set_userdata('servcode','fb.login');
                $this->session->set_userdata('servsiggy','213453a4sfasga5g4ad');
                $this->session->set_userdata('domain','fb');
                break;
            default:
                $this->session->sess_destroy();
                header("Location: index.php");
                break;
        }

        $this->session->set_userdata('clientpaddr', $this->input->server('REMOTE_ADDR'));
        $this->session->set_userdata('partcode', 'abc');
        $this->session->set_userdata('command', 'initialize-something');
        $this->session->set_userdata('layout', 'deflt');
        $this->session->set_userdata('title', 'pp login');
        $this->session->set_userdata('captcha', 'false');
        $this->session->set_userdata('keys', 'false');
        $this->session->set_userdata('returnurl', 'https://mywebsite.game.com/login.php');
        $this->session->set_userdata('cancelurl', 'https://mywebsite.game.com/cancel.php');
        $this->session->set_userdata('sendurl', 'http://192.168.0.1/authenticate/green/api.ashx');

    }
    else
    {
        $this->session->sess_destroy();
        header("Location: index.php");
    }

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $this->session->userdata('sendurl'));
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
    curl_setopt($ch, CURLOPT_POST, true);

    $data = array(
       'part_code' => $this->session->userdata('partcode'),
       'serv_code' => $this->session->userdata('servcode'),
       'serv_siggy' => $this->session->userdata('servsiggy'),
       'command' => $this->session->userdata('command'),
       'ip' => $this->session->userdata('clientpaddr'),
       'domain' => $this->session->userdata('domain'),
       'layout' => $this->session->userdata('layout'),
       'required_captcha' => $this->session->userdata('captcha'),
       'required_keys' => $this->session->userdata('keys'),
       'return_url' => $this->session->userdata('returnurl'),
       'cancel_url' => $this->session->userdata('cancelurl')
    );

    curl_setopt($ch, CURLOPT_POSTFIELDS, $data);
    $output = curl_exec($ch);
    curl_close($ch);

    $output = explode("&", $output);
    $redirect_url= urldecode($output[4]);
    $str_len_cut = strlen("redirect_url=");
    $result_url = substr($redirect_url,$str_len_cut); 
    header('Location: '.$result_url); 
}

3条回答
家丑人穷心不美
2楼-- · 2020-07-23 06:01

In the controller, set Access-Control-Allow-Origin at the top of your php script to the expected value of the origin header, the domain your ajax calls from:

header('Access-Control-Allow-Origin: abc');

Or if you never use credentials and don't care where the request comes from, just use a wildcard:

header('Access-Control-Allow-Origin: *');

update 2015-07-13 12:34 +0000

Disclaimer
I think I failed to properly consider that this was done under codeigniter and it now seems to me this answer is pretty poor.

查看更多
0人赞 添加讨论(0) 举报
3楼-- · 2020-07-23 06:09

In codeigniter the way to do this is using the output class. So you would put this in your controller wherever you need this.

$this->output
    ->set_header('Access-Control-Allow-Origin: some-origin')
    ->set_header('Access-Control-Allow-Methods: GET, OPTIONS')

As a side note: it is generally bad practise to set your Access-Control-Allow-Origin: to * unless you really want to allow request from any domain. Otherwise it would be more secure to only allow requests from the domain(s) you are running your app on. More on this matter here.

查看更多
0人赞 添加讨论(0) 举报
我只想做你的唯一
4楼-- · 2020-07-23 06:10

I was also facing same problem. please keep in mind you have to put

header('Access-Control-Allow-Origin: *');

in other side.

For example, you are requesting ajax from

http://example.net

to http://example2.net/login so you have to put above code at http://example2.net/login files.

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(5)