1

以下は、javascript から、別のサブドメインの Nginx 上の PHP バックエンドに対して作成される XDomainRequest です。戻り値は常にエラー関数を実行し、XDomainRequestデバッグの詳細は提供しません。コードに何か問題がありますか?

Javascript

var xdr = new XDomainRequest();       

        xdr.open(method.toLowerCase(), url);
        timeout = 10000;
        // Required to XDomainRequest works
        xdr.timeout = timeout;
        xdr.onprogress = function() {};

        xdr.ontimeout = function() {
          completeRequest(callback, 408, 'Timeout', 'Content-Type: text/plain');
          xdr.abort();
        };

        xdr.onload = function() {
          completeRequest(callback, 200, xdr.responseText, 'Content-Type: ' + xdr.contentType);          
        };

        xdr.onerror = function() {
          completeRequest(callback, 500, 'Error', 'Content-Type: text/plain');
          xdr.abort();
        };


        $browserDefer(function () {
          xdr.send();
        }, 0); //fix IE bug that raises '$apply already in progress' on cached requests

        if (timeout > 0) {
          $browserDefer(function() {
            status = -1;
            xdr.abort();
          }, timeout);
        }

PHP with PreFlight Options Check

if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
            if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']) && ($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD'] == 'POST' || $_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD'] == 'DELETE' ||  $_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD'] == 'PUT' )) {
                     header('Access-Control-Allow-Origin: ' . $_SERVER['HTTP_ORIGIN']);
                     header("Access-Control-Allow-Credentials: true"); 
                     //header('Access-Control-Allow-Headers:  *,X-Requested-With,Content-Type');
                     header('Access-Control-Allow-Headers: Content-Type');
                     header('Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT'); // http://stackoverflow.com/a/7605119/578667
                     header('Access-Control-Max-Age: 86400'); 
                     echo PVResponse::createResponse(200, 'Successful Connection');
             }
          exit();
        }

        header('Access-Control-Allow-Origin: '. $_SERVER['HTTP_ORIGIN'] );
        header('Access-Control-Allow-Credentials: true' );
        header('Access-Control-Request-Method: *');
        header('Access-Control-Allow-Methods: POST, GET, PUT, DELETE, OPTIONS');
        header('Access-Control-Allow-Headers: *,x-requested-with,Content-Type');
        header('X-Frame-Options: DENY');

//Execute rest of PHP code after headers have been set

クロスサブドメイン呼び出しが他のすべてのブラウザーで機能するようになりました。IE8 と IE9 に何か特別なものはありAllow-Headersますか?

4

0 に答える 0