当您试图发送跨站点请求时发生此错误。 我怎么解决这个问题?

在nginx配置文件中添加

add_header Access-Control-Allow-Origin '*.domain.com'
add_header Access-Control-Allow-Credentials 'true';

在“domain.com”中，我试图发送ajax请求

$.ajax({
   url: sub.domain.com,
   xhrFields: {
      withCredentials: true
   }
});

AJAX调用仅在您调用的url与调用脚本在同一域中时发送cookie。

这可能是一个跨域问题。

也许你试图从www.domain-a.com调用一个url，而你的调用脚本在www.domain-b.com上(换句话说:你进行了跨域调用，在这种情况下浏览器不会发送任何cookie来保护你的隐私)。

在这种情况下，你的选择是:

Write a small proxy which resides on domain-b and forwards your requests to domain-a. Your browser will allow you to call the proxy because it's on the same server as the calling script.This proxy then can be configured by you to accept a cookie name and value parameter which it can send to domain-a. But for this to work you need to know the cookie's name and value your server on domain-a wants for authentication. If you're fetching JSON objects try to use a JSONP request instead. jQuery supports these. But you need to alter your service on domain-a so that it returns valid JSONP responds.

如果这能帮到你就好了。

也许不能100%回答这个问题，但我无意中发现了这个帖子，希望解决一个会话问题，当ajax从innovastudio编辑器的资产管理器上传文件时。 最终解决方案很简单:他们有一个flash上传器。禁用(设置

var flashUpload = false;   

在asset.php中)，灯又开始闪烁。

由于这些问题很难调试，我发现在上传处理程序中放入以下内容将使你(在这种情况下是我)走上正确的轨道:

$sn=session_name();
error_log("session_name: $sn ");

if(isset($_GET[$sn])) error_log("session as GET param");
if(isset($_POST[$sn])) error_log("session as POST param");
if(isset($_COOKIE[$sn])) error_log("session as Cookie");
if(isset($PHPSESSID)) error_log("session as Global");

仔细查看日志，我很快发现了丢失的会话，其中没有发送cookie。

在尝试了其他解决方案后，仍然没有奏效，我发现了我的问题所在。我把contentType从“application/json”改为“text/plain”。

$.ajax(fullUrl, {
    type: "GET",
    contentType: "text/plain",
    xhrFields: {
         withCredentials: true
    },
    crossDomain: true
});

There are already a lot of good responses to this question, but I thought it may be helpful to clarify the case where you would expect the session cookie to be sent because the cookie domain matches, but it is not getting sent because the AJAX request is being made to a different subdomain. In this case, I have a cookie that is assigned to the *.mydomain.com domain, and I am wanting it to be included in an AJAX request to different.mydomain.com". By default, the cookie does not get sent. You do not need to disable HTTPONLY on the session cookie to resolve this issue. You only need to do what wombling suggested (https://stackoverflow.com/a/23660618/545223) and do the following.

1)在ajax请求中添加以下内容。

xhrFields: { withCredentials:true }

2)在不同子域的资源的响应头中添加以下内容。

Access-Control-Allow-Origin : http://original.mydomain.com
Access-Control-Allow-Credentials : true

把这个放在你的init函数中:

$.ajaxSetup({
  xhrFields: {
    withCredentials: true
  }
});

它会起作用的。