对 XMLHttpRequest 的访问已被 cors Policy:Response 阻止，预检请求未通过访问控制检查

Question

错误：

Access to XMLHttpRequest at 'http://localhost:8000/hirings/hiring' from origin 'http://localhost:4200' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

headers

app.use((req,res,next)=>{
    res.header('Access-Control-Allow-Headers, *, Access-Control-Allow-Origin', 'Origin, X-Requested-with, Content_Type,Accept,Authorization','http://localhost:4200');
    if(req.method === 'OPTIONS') {
        res.header('Access-Control-Allow-Methods','PUT,POST,PATCH,DELETE,GET');
        return res.status(200).json({});
    }
    next();
});

app.use(cors());

请给出这个问题的解决方案

Answer 1

中间件的顺序在 express 框架中很重要。您可以按如下方式修复它：

app.use(cors());
app.use((req,res,next)=>{
    res.header('Access-Control-Allow-Headers, *, Access-Control-Allow-Origin', 'Origin, X-Requested-with, Content_Type,Accept,Authorization','http://localhost:4200');
    if(req.method === 'OPTIONS') {
        res.header('Access-Control-Allow-Methods','PUT,POST,PATCH,DELETE,GET');
        return res.status(200).json({});
    }
    next();
});

对 XMLHttpRequest 的访问已被 cors Policy:Response 阻止，预检请求未通过访问控制检查

Access to XMLHttpRequest has blocked by cors Policy:Response to preflight request doesn't pass access control check

node.js

express