使用ajax获取请求会在localhost中抛出403错误,但不会在Web服务器中抛出403错误(Get request with ajax throw a 403 error in localhost but not in a web server)
问题是我从我的网络服务器下载我的代码,因为我需要进行一些测试但是当我尝试使用ajax访问路由时它不允许我,这里是我的代码的一部分:
function ajaxFunction(id){
// Para incompatibilidades
try{
// Opera 8.0+, Firefox, Safari
ajaxRequest = new XMLHttpRequest();
}catch (e){
// Internet Explorer Browsers
try{
ajaxRequest = new ActiveXObject("Msxml2.XMLHTTP");
}catch (e) {
try{
ajaxRequest = new ActiveXObject("Microsoft.XMLHTTP");
}catch (e){
// Something went wrong
alert("Your browser broke!");
return false;
}
}
}
// Here processRequest() is the callback function.
ajaxId = id;
switch (ajaxId) {
case 1:
data = document.getElementById('selectFinca').value;
extraUrl = "finca_id=" + data;
break;
case 2:
data = document.getElementById('selectFincaDesk').value;
extraUrl = "finca_id=" + data;
break;
}
ajaxRequest.onreadystatechange = endAjax;
var url = "https://localhost/dev/ajax/out.php?ajaxId=" + ajaxId + "&" + extraUrl;
ajaxRequest.open("GET", url, true);
ajaxRequest.send(null);
我需要的只是将ajaxId和finca_id发送到out.php,但是这个错误是trown:
GET https://localhost/dev/ajax/out.php?ajaxId=2&finca_id=24 403 (Forbidden)
问题是它在线工作的代码完全相同。
The thing is that I download my code from my webserver because I need to make some test but when I tried to acces a route with ajax it doesn't let me, here is part of my code:
function ajaxFunction(id){
// Para incompatibilidades
try{
// Opera 8.0+, Firefox, Safari
ajaxRequest = new XMLHttpRequest();
}catch (e){
// Internet Explorer Browsers
try{
ajaxRequest = new ActiveXObject("Msxml2.XMLHTTP");
}catch (e) {
try{
ajaxRequest = new ActiveXObject("Microsoft.XMLHTTP");
}catch (e){
// Something went wrong
alert("Your browser broke!");
return false;
}
}
}
// Here processRequest() is the callback function.
ajaxId = id;
switch (ajaxId) {
case 1:
data = document.getElementById('selectFinca').value;
extraUrl = "finca_id=" + data;
break;
case 2:
data = document.getElementById('selectFincaDesk').value;
extraUrl = "finca_id=" + data;
break;
}
ajaxRequest.onreadystatechange = endAjax;
var url = "https://localhost/dev/ajax/out.php?ajaxId=" + ajaxId + "&" + extraUrl;
ajaxRequest.open("GET", url, true);
ajaxRequest.send(null);
All that I need is to send ajaxId and finca_id to out.php but this error is trown:
GET https://localhost/dev/ajax/out.php?ajaxId=2&finca_id=24 403 (Forbidden)
the thing is that the exactly same code it is working online.
原文:https://stackoverflow.com/questions/44169846
更新时间:2020-02-15 02:44
最满意答案
HTTP和HTTPS是向服务器发出请求的两种协议。 还有其他人,但对于网站来说,这两个是常用的。
当您使用HTTPS发出请求时,浏览器会尝试使用SSL证书建立安全连接。 您收到403禁用错误,因为您显然没有本地计算机上的SSL证书。
某些JavaScript API需要HTTPS,如地理位置和浏览器通知,如果在没有安全连接的情况下使用它们,则会失败。 虽然它们可以在本地主机上测试就好了。
HTTP只是一个常规的不安全连接,你应该期望任何人都可以看到你在这里传递的数据。 您不希望在没有至少获得SSL认证的情况下传递信用卡数据或个人信息。
您有时会看到链接遗漏了JS库的CSS协议,如://code.jquery.com/jquery-3.2.1.min.js
退出协议并加载到这样的资产只是告诉浏览器使用它当前使用的任何协议,这样如果您在HTTP上开发站点然后转到HTTPS,您的HTTPS连接将不会因尝试加载而中断HTTP上的资产。
否则,您必须更新每个地方正在以HTTP形式加载某些内容,以便您的HTTPS连接不会中断。
希望有所帮助。
HTTP and HTTPS are two protocols to make a request to a server. There's others, but for websites these are the two commonly used.
When you make a request using HTTPS the browser attempts to make a secure connection using an SSL certificate. You were getting a 403 forbidden error because you obviously don't have an SSL certificate on your local machine.
Some JavaScript APIs require HTTPS like Geo location and browser notifications and will fail if they are used without a secure connection. Though they can be tested on local host just fine.
HTTP is just a regular unsecured connection and you should expect that data you pass through here can be seen by anyone. You would not want to pass credit card data or personal information without at the very least having and SSL certification.
You'll sometimes see links leaving out the protocol on CSS of JS libraries like this: //code.jquery.com/jquery-3.2.1.min.js
Leaving out the protocol and loading in an asset like this just tells the browser to use whatever protocol it is currently using so that if you develop an site on HTTP and then you go to HTTPS, your HTTPS connection won't break from trying to load assets over HTTP.
Else you would have to go and update every place something is being loaded in as HTTP so your HTTPS connection doesn't break.
Hope that helps.
相关问答
问题解决了! 我只是要求我的虚拟主机为我的域创建一个例外。 我认为他们的服务器的mod_security设置导致403 Forbidden Error。 Problem solved! I just ask my web hosting to create an exception for my domain. I think the mod_security setting of their server causes the 403 Forbidden Error.
您不想将整个硬盘驱动器打开到Web服务器进程。 其实httpd.conf第215-217行说: # Deny access to the entirety of your server's filesystem. You must
# explicitly permit access to web content directories in other
# blocks below.
Apache 2.4(OSX 10.10优胜美地) 与模块mod_authz_core
...
我想我找到了解决方案。 我将安全级别设置为中等以解决问题。 我在config文件夹中找到了这一行。 中等安全级别是否会对生产造成任何问题? /**
* The level of CakePHP security. The session timeout time defined
* in 'Session.timeout' is multiplied according to the settings here.
* Valid values:
*
* 'high' Session
...
解决方案:我发现每个ajax请求处理这种情况的最好方法是使用statusCode方法: statusCode: {
403: function() {
},
200: function(data) {
}
//other codes. read the docs for more details
}
Solution: The best I found to deal with this situation per ajax request is to use
...
您的Web服务可能未使用以下属性启用脚本: [System.Web.Script.Services.ScriptService]
I figured it.. There was problem with URL.
当您使用asp.net mvc3 ,您可以尝试@Url.Action(... url: "@Url.Action('Telephony','Show')",
您只需要提供控制器和操作名称。 不知道你为什么在url中使用TelephonieController.vb这个不是web表单。 虽然我没有vb的经验,但仍然觉得vb会像c#一样工作 As you are using asp.net mvc3, you can try @Url.Action(... url: "@Url.Action
...
在发出POST请求时,Django需要一个csrf令牌(除非你使用基于令牌的身份验证,但我假设你不在这里)。 就像你需要在表单提交中包含{{ csrf_token }} 。 有关您需要它的原因以及csrf令牌的用途的更多信息: 什么是CSRF令牌? 它的重要性是什么?它是如何工作的? 因此,对于您的问题,请在add到此下更改您的ajax调用: $.ajax({
url: "http://138.49.184.143:3000/tasker/api/"+ownerId+"?key=
...
HTTP和HTTPS是向服务器发出请求的两种协议。 还有其他人,但对于网站来说,这两个是常用的。 当您使用HTTPS发出请求时,浏览器会尝试使用SSL证书建立安全连接。 您收到403禁用错误,因为您显然没有本地计算机上的SSL证书。 某些JavaScript API需要HTTPS,如地理位置和浏览器通知,如果在没有安全连接的情况下使用它们,则会失败。 虽然它们可以在本地主机上测试就好了。 HTTP只是一个常规的不安全连接,你应该期望任何人都可以看到你在这里传递的数据。 您不希望在没有至少获得SSL
...
1628
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
