问题描述

我正在尝试为学校项目使用webUntis'（）API。现在我只想尝试与API建立任何类型的连接。

I'm trying to use webUntis'(docs) API for a school project. For now I'm just trying to establish any kind of connection to the API.

var result;
const url = 'https://api.webuntis.dk/api/status';
var xhr = new XMLHttpRequest();

xhr.open('GET',url, true);
xhr.setRequestHeader('Access-Control-Allow-Origin','*');
xhr.setRequestHeader('Content-type','application/json');
xhr.setRequestHeader('Access-Control-Allow-Methods','GET');
xhr.setRequestHeader('X-API-KEY', '/*API KEY*/');
xhr.send();


xhr.onreadystatechange = function() {
    if (this.readyState == 4 && this.status == 200) {
        result = xhr.responseType;
        console.log(result);
    }
};

此代码生成以下错误消息：

This code produces the following error message:

阻止跨源请求：相同的源策略禁止在
（原因：缺少CORS标题'Access-Control-Allow-Origin'。）

如何解决这个问题？也许我的API密钥错了？

How may this problem be solved? Perhaps my API key is wrong?

免责声明：错误信息是从德语翻译的。

Disclaimer: The error message was translated from German.

推荐答案

它基本上意味着此API未配置为从其他网页调用。 Cross-Origin指的是从一个域（源）到另一个域（源）发出HTTP请求。此API旨在从服务器应用程序中使用。如果您需要从网页上调用它，您需要创建一个简单的代理服务器，您的网页可以调用该代理服务器来向webUntis发出请求。

It basically means that this API is not configured to be called from another web page. Cross-Origin refers to making an HTTP request from one domain (origin) to another. This API is meant to be used from a server application. If you need to call it from a web page, you'll need to create a simple proxy server that your web page can call which will make the request to webUntis.

这篇关于缺少CORS标头'Access-Control-Allow-Origin'的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！