Apigee + Angular 请求的资源上不存在 'Access-Control-Allow-Origin' header
Apigee + Angular No 'Access-Control-Allow-Origin' header is present on the requested resource
早上好;
也许这个问题被问过100次了,但我真的无法解决。
我在 Apigee 中有响应 OPTIONS 请求的配置。
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<AssignMessage async="false" continueOnError="false" enabled="true" name="AM-AddCors">
<DisplayName>AM-AddCors</DisplayName>
<Properties/>
<Add>
<Headers>
<Header name="Access-Control-Allow-Origin">*</Header>
<Header name="Access-Control-Allow-Headers">Content-Length, Content-Disposition, Origin, x-requested-with, Accept, Content-Type, Authorization</Header>
<Header name="Access-Control-Max-Age">3628800</Header>
<Header name="Access-Control-Allow-Methods">GET, PUT, POST, DELETE</Header>
</Headers>
</Add>
<IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
<AssignTo createNew="false" transport="http" type="request"/>
</AssignMessage>
在客户端,我使用 Angular (HttpClient)
进行调用
public downloadS2Report(url) {
let headers = new HttpHeaders();
let fullurl = environment.config.fundsApi.concat(url);
headers = headers.set("Authorization", "Bearer *****");
return this.http.get(fullurl, {headers: headers})
.map((response:any) => {
if (response.status == 200) {
var contentType = 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet';
var blob = new Blob([(<any>response)._body], {type: contentType});
return blob;
}
});
}
我可以在 chrome 的调试视图中看到结果,但我在 Angular "Access-Control-Allow-Origin' header is present on the requested resource" 中遇到了著名的错误。我是否错过了 Apigee 配置中的参数?
您需要在所有回复中回复相关的 CORS headers,而不仅仅是 OPTIONS pre-flight 请求。因此,在您的 GET 回复中,您还需要:
<Headers>
<Header name="Access-Control-Allow-Origin">*</Header>
<Header name="Access-Control-Allow-Headers">Content-Length, Content-Disposition, Origin, x-requested-with, Accept, Content-Type, Authorization</Header>
<Header name="Access-Control-Max-Age">3628800</Header>
<Header name="Access-Control-Allow-Methods">GET, PUT, POST, DELETE</Header>
</Headers>
早上好;
也许这个问题被问过100次了,但我真的无法解决。 我在 Apigee 中有响应 OPTIONS 请求的配置。
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<AssignMessage async="false" continueOnError="false" enabled="true" name="AM-AddCors">
<DisplayName>AM-AddCors</DisplayName>
<Properties/>
<Add>
<Headers>
<Header name="Access-Control-Allow-Origin">*</Header>
<Header name="Access-Control-Allow-Headers">Content-Length, Content-Disposition, Origin, x-requested-with, Accept, Content-Type, Authorization</Header>
<Header name="Access-Control-Max-Age">3628800</Header>
<Header name="Access-Control-Allow-Methods">GET, PUT, POST, DELETE</Header>
</Headers>
</Add>
<IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
<AssignTo createNew="false" transport="http" type="request"/>
</AssignMessage>
在客户端,我使用 Angular (HttpClient)
进行调用public downloadS2Report(url) {
let headers = new HttpHeaders();
let fullurl = environment.config.fundsApi.concat(url);
headers = headers.set("Authorization", "Bearer *****");
return this.http.get(fullurl, {headers: headers})
.map((response:any) => {
if (response.status == 200) {
var contentType = 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet';
var blob = new Blob([(<any>response)._body], {type: contentType});
return blob;
}
});
}
我可以在 chrome 的调试视图中看到结果,但我在 Angular "Access-Control-Allow-Origin' header is present on the requested resource" 中遇到了著名的错误。我是否错过了 Apigee 配置中的参数?
您需要在所有回复中回复相关的 CORS headers,而不仅仅是 OPTIONS pre-flight 请求。因此,在您的 GET 回复中,您还需要:
<Headers>
<Header name="Access-Control-Allow-Origin">*</Header>
<Header name="Access-Control-Allow-Headers">Content-Length, Content-Disposition, Origin, x-requested-with, Accept, Content-Type, Authorization</Header>
<Header name="Access-Control-Max-Age">3628800</Header>
<Header name="Access-Control-Allow-Methods">GET, PUT, POST, DELETE</Header>
</Headers>