javascript - js cross-domain request error: Refused to set unsafe header "Referer"?
phpcn_u1582
phpcn_u1582 2017-07-05 10:42:13
0
2
3224

Try to use cross-domain request for data from another website in my website program. The target website needs to verify the refer parameter in the http request.

Turn on the cross-domain option of the chrome browser, and use the following style code to try to send a request

 $.ajax({
            headers: {
                "Referer":"https://xxx.com/xxxxxx"
            },
            type:'POST',
            data:{...},
            success:function(r){...}
 });

As a result, the browser reported an error: Refused to set unsafe header "Referer"

After querying the information, it seems that the browser does not allow setting the header parameters of the request.

Students with relevant development experience, please give me some advice. Is this requirement theoretically achievable? How to achieve?

phpcn_u1582
phpcn_u1582

reply all(2)
習慣沉默

For security reasons, there are some restrictions on cross-domain XHR objects:

  • Cannot use setRequestHeader() to set custom headers

  • Cannot send and receive cookies

  • Calling the getAllResponseHeaders() method always returns an empty string

漂亮男人

I just encountered it recently. You can refer to my article. If you don’t understand, you can ask me: /a/11...

Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template