没有 'Access-Control-Allow-Origin' header 尽管指定了 allowedOrigins
No 'Access-Control-Allow-Origin' header despite specifying allowedOrigins
我的 allowedOrigins 是否指定正确?
spring:
cloud:
gateway:
default-filters:
args:
retries: 3
globalcors:
corsConfigurations:
'[/**]':
allowedOrigins: "*"
allowedMethods:
- GET
- POST
- PUT
- DELETE
- OPTIONS
我仍然得到错误:
... blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
但我不确定从这里到哪里去。
编辑:客户端代码在这里:
export const restClient = (jwtToken = null) => {
const nonSecureOptions = {
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json',
},
};
const secureOptions = {
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json',
'Content-Encoding': 'application/json',
'Authorization': `Bearer ${jwtToken}`,
},
};
const getDefaultOptions = (jwtToken) => jwtToken ? secureOptions : nonSecureOptions;
return {
get: (url, options = {}) => axios.get(url, { ...getDefaultOptions(jwtToken), ...options }),
post: (url, data, options = {}) => axios.post(url, data, { ...getDefaultOptions(jwtToken), ...options }),
put: (url, data, options = {}) => axios.put(url, data, { ...getDefaultOptions(jwtToken), ...options }),
delete: (url, options = {}) => axios.delete(url, { ...getDefaultOptions(jwtToken), ...options })
};
};
它被称为
const response = await restClient(token).get(myurl)
因为
- 您明确将
Authorization header(唯一的 so-called non-wildcard request-header name)附加到您的请求中,并且
- you're specifying
application/json as the value of the Content-Type request header,
您还需要明确允许那些 headers:
globalcors:
corsConfigurations:
'[/**]':
allowedOrigins: "*"
allowedMethods:
- GET
- POST
- PUT
- DELETE
- OPTIONS
allowedHeaders:
- Authorization
- Content-Type
我的 allowedOrigins 是否指定正确?
spring:
cloud:
gateway:
default-filters:
args:
retries: 3
globalcors:
corsConfigurations:
'[/**]':
allowedOrigins: "*"
allowedMethods:
- GET
- POST
- PUT
- DELETE
- OPTIONS
我仍然得到错误:
... blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
但我不确定从这里到哪里去。
编辑:客户端代码在这里:
export const restClient = (jwtToken = null) => {
const nonSecureOptions = {
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json',
},
};
const secureOptions = {
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json',
'Content-Encoding': 'application/json',
'Authorization': `Bearer ${jwtToken}`,
},
};
const getDefaultOptions = (jwtToken) => jwtToken ? secureOptions : nonSecureOptions;
return {
get: (url, options = {}) => axios.get(url, { ...getDefaultOptions(jwtToken), ...options }),
post: (url, data, options = {}) => axios.post(url, data, { ...getDefaultOptions(jwtToken), ...options }),
put: (url, data, options = {}) => axios.put(url, data, { ...getDefaultOptions(jwtToken), ...options }),
delete: (url, options = {}) => axios.delete(url, { ...getDefaultOptions(jwtToken), ...options })
};
};
它被称为
const response = await restClient(token).get(myurl)
因为
- 您明确将
Authorizationheader(唯一的 so-called non-wildcard request-header name)附加到您的请求中,并且 - you're specifying
application/jsonas the value of theContent-Typerequest header,
您还需要明确允许那些 headers:
globalcors:
corsConfigurations:
'[/**]':
allowedOrigins: "*"
allowedMethods:
- GET
- POST
- PUT
- DELETE
- OPTIONS
allowedHeaders:
- Authorization
- Content-Type