Backbone: CORS 同步发送 OPTIONS 请求而不是 POST

Look up how CORS works -- this is the expected "preflight" request查看 CORS 的工作原理——这是预期的“预检”请求

https://developer.mozilla.org/en-US/docs/HTTP/Access_control_CORS#Preflighted_requests https://developer.mozilla.org/en-US/docs/HTTP/Access_control_CORS#Preflighted_requests

我怎样才能避免这个重新飞行请求？

仅发送此处定义的“简单请求”： https ://developer.mozilla.org/en-US/docs/HTTP/Access_control_CORS#Simple_requests

I tried this on server side to handle preflight calls:我在服务器端尝试了这个来处理预检调用：

header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Headers: X-Requested-With');
header('Access-Control-Allow-Methods: POST, GET, PUT, DELETE, OPTIONS');

but did not work, the browser does not send another request after the preflight...但没有工作，预检后浏览器不会发送另一个请求......

So you say that it is not possible with backbone.sync?所以你说backbone.sync是不可能的？
Then it is a bug I think...然后我认为这是一个错误......

无论如何，这不是 Backbone 问题，所以我建议在 Stackoverflow 或 IRC 上询问。

你能解释一下为什么这不是骨干问题吗？

阅读 Backbone.sync 的源代码 (http://backbonejs.org/docs/backbone.html#section-134)，您会看到 Backbone 只是将所有内容传递给 $.ajax。

@inf3rno try this one. @inf3rno试试这个。

header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Headers: Content-Type');
header('Access-Control-Allow-Methods: POST');

This isn't Backbone issue at all.这根本不是 Backbone 问题。

These are my original headers without php:这些是我没有 php 的原始标题：

HTTP/1.1 200 OK
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Content-Type: text/html
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: PHP/5.3.8, ASP.NET
access-control-allow-origin: http://x.y.loc
Access-Control-Allow-Methods: POST, GET, PUT, DELETE, OPTIONS
Date: Fri, 17 May 2013 01:33:02 GMT
Content-Length: 0

I think my server is well configured, but I tried out the headers you gave, and they did not work...我认为我的服务器配置得很好，但是我尝试了您提供的标头，但它们不起作用...

Simple $.ajax calls work well, for example I load json files from the service with this:简单的 $.ajax 调用效果很好，例如我从服务中加载 json 文件：

define(function (require, exports, module) {
    var $ = require("jquery");

    module.exports = {
        load: function (name, _require, load, config) {
            var params = name.split("|");
            var method, url;
            if (params.length == 1) {
                method = "GET";
                url = params[0];
            }
            else {
                method = params[0];
                url = params[1];
            }
            $.ajax({
                url: url,
                type: method,
                dataType: "json"
            }).success(load).error(function (xhr, status, error) {
                    throw error;
                });
        }
    };

});

I tried out this with any request method, and they responded well...我用任何请求方法都试过了，他们的反应很好......

The collection.fetch() works well too, I have problems only with the model.save() ... collection.fetch() 也很好用，我只有 model.save() 有问题...

I tried it this way, maybe I'm doing something wrong:我这样尝试过，也许我做错了什么：

        var User = Backbone.Model.extend({
            urlRoot: Application.service.Authorization.User.create.url
        });
        var form = new UserForm({
            model: new User({
                email: "[email protected]",
                name: "test"
            })
        }).render();
        form.on("submit", function (user) {
            console.log(user.attributes);
            user.save(null, {
                success: function (model, response, options) {
                    console.log("success");
                },
                error: function (model, xhr, options) {
                    console.log("error");
                }
            });
        });

I got the attributes and "error" in console.我在控制台中得到了属性和“错误”。 I'll check what kind of error is..我会检查什么样的错误是..

You were right, thanks!你是对的，谢谢！ I added to server config the allow content-type, and it works now.我在服务器配置中添加了允许内容类型，它现在可以工作了。 Firebug is not the best, the Chrome console printed that the content-type is not allowed... Firebug 不是最好的，Chrome 控制台打印的内容类型是不允许的...

Many tanks!许多坦克！ :D :D

GET and POST requests requires quite different headers. GET和POST请求需要完全不同的标头。 When the API server uses cookies for authentication, the server should have Access-Control-Allow-Credentials: true header.当 API 服务器使用cookies进行身份验证时，服务器应该有Access-Control-Allow-Credentials: true标头。 And off course you need to make a XHR request with withCredentials: true on client-side.当然，您需要在客户端使用withCredentials: true发出 XHR 请求。 When the API server uses Authorization header for BasicAuth request, you don't need withCredential .当 API 服务器使用Authorization标头进行 BasicAuth 请求时，您不需要withCredential 。 Instead, the Access-Control-Allow-Headers need to include Authorization in this case, just like相反，在这种情况下， Access-Control-Allow-Headers需要包含Authorization ，就像

header('Access-Control-Allow-Headers: Authorization, Content-Type');

Ah, it seems you solved the issue while I'm writing this.啊，看来你在我写这篇文章时解决了这个问题。

是的，无论如何，谢谢，你帮了很多忙！

@inf3rno Thanks so much for the comment about Chrome giving better error messages than Firebug! @inf3rno 非常感谢关于 Chrome 提供比 Firebug 更好的错误消息的评论！ That helped us solve the problem.这帮助我们解决了问题。

You're welcome!别客气！ :-) :-)

Can someone please help on this issue?有人可以帮忙解决这个问题吗？ http://stackoverflow.com/questions/32725249/cors-filter-issue-for-authentrypoint http://stackoverflow.com/questions/32725249/cors-filter-issue-for-authentrypoint

万一其他人遇到这个问题，我必须将“x-http-method-override”添加到我设置 Backbone.emulateHTTP = true 时使用的 Access-Control-Allow-Methods 列表中