POST 选项后未调用方法
POST method not being called after OPTIONS
我正在尝试从 angularjs 应用程序
中调用 API
var url = "...";
var myObject = {...};
var config = {
headers : {
'Content-Type': 'application/json;charset=utf-8;'
}
};
$http.post(url, myObject, config).then(function(result){...});
因为它是一个 cross-origin 请求,它会进行预检,所以它会调用 OPTIONS 方法。
这是请求 header:
Host: ...
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Firefox/68.0
Accept: */*
Accept-Language: pt-BR
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://localhost:9000/....
Origin: http://localhost:9000
DNT: 1
Connection: keep-alive
它 returns 为 200 OK,响应 header:
{
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Fri, 01 Nov 2019 14:31:29 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: Microsoft-IIS/10.0
Vary: X-Requested-With
X-Frame-Options: GOFORIT
X-Powered-By: Nette Framework, ASP.NET
}
但之后它不会执行 POST 调用。我尝试通过 POSTMAN 直接调用 POST 方法,它返回得很好。有什么我想念的吗?
编辑:这是控制台错误:
Possibly unhandled rejection:
{
"data":null,
"status":-1,
"config":{
"method":"POST",
"transformRequest":[null],
"transformResponse":[null],
"jsonpCallbackParam":"callback",
"headers":{
"Content-Type":"application/json;charset=utf-8;",
"Accept":"application/json, text/plain, */*"
},
"url":"...",
"data":{...},
"cached":false
},
"statusText":"",
"xhrStatus":"error"
}
OPTIONS 请求设置了这些 header:
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
所以它询问是否可以执行 POST 请求,包括 "content-type" header。
服务器响应:
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
但它缺少“Access-Control-Allow-Headers”响应 header:
Access-Control-Allow-Headers: content-type
将此添加到 OPTIONS 响应中,您应该没问题。
可能,控制台报错信息为
Reason: missing token ‘content-type’ in CORS header ‘Access-Control-Allow-Headers’ from CORS preflight channel*
即self-explanatory。
像这样将额外的 header 添加到您的 web.config...
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
<add name="Access-Control-Allow-Methods" value="GET, POST, PUT, DELETE, OPTIONS" />
<add name="Access-Control-Allow-Headers" value="Origin, X-Requested-With, Content-Type, Accept" />
</customHeaders>
</httpProtocol>
我正在尝试从 angularjs 应用程序
中调用 APIvar url = "...";
var myObject = {...};
var config = {
headers : {
'Content-Type': 'application/json;charset=utf-8;'
}
};
$http.post(url, myObject, config).then(function(result){...});
因为它是一个 cross-origin 请求,它会进行预检,所以它会调用 OPTIONS 方法。 这是请求 header:
Host: ...
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:68.0) Gecko/20100101 Firefox/68.0
Accept: */*
Accept-Language: pt-BR
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: http://localhost:9000/....
Origin: http://localhost:9000
DNT: 1
Connection: keep-alive
它 returns 为 200 OK,响应 header:
{
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Fri, 01 Nov 2019 14:31:29 GMT
Expires: Thu, 19 Nov 1981 08:52:00 GMT
Pragma: no-cache
Server: Microsoft-IIS/10.0
Vary: X-Requested-With
X-Frame-Options: GOFORIT
X-Powered-By: Nette Framework, ASP.NET
}
但之后它不会执行 POST 调用。我尝试通过 POSTMAN 直接调用 POST 方法,它返回得很好。有什么我想念的吗?
编辑:这是控制台错误:
Possibly unhandled rejection:
{
"data":null,
"status":-1,
"config":{
"method":"POST",
"transformRequest":[null],
"transformResponse":[null],
"jsonpCallbackParam":"callback",
"headers":{
"Content-Type":"application/json;charset=utf-8;",
"Accept":"application/json, text/plain, */*"
},
"url":"...",
"data":{...},
"cached":false
},
"statusText":"",
"xhrStatus":"error"
}
OPTIONS 请求设置了这些 header:
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
所以它询问是否可以执行 POST 请求,包括 "content-type" header。
服务器响应:
Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
但它缺少“Access-Control-Allow-Headers”响应 header:
Access-Control-Allow-Headers: content-type
将此添加到 OPTIONS 响应中,您应该没问题。
可能,控制台报错信息为
Reason: missing token ‘content-type’ in CORS header ‘Access-Control-Allow-Headers’ from CORS preflight channel*
即self-explanatory。
像这样将额外的 header 添加到您的 web.config...
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
<add name="Access-Control-Allow-Methods" value="GET, POST, PUT, DELETE, OPTIONS" />
<add name="Access-Control-Allow-Headers" value="Origin, X-Requested-With, Content-Type, Accept" />
</customHeaders>
</httpProtocol>