问题
I want to allow access to all origins on my server, but my AJAX requests from http://localhost:8100/ in Firefox keep being rejected.
header("Access-Control-Allow-Origin: *"); // allow the use of requests in development (ionic serve in web browser).
header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS");
header("Access-Control-Max-Age", "3600");
header("Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization");;
"Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://my-domain.com/userLogin. (Reason: CORS header 'Access-Control-Allow-Origin' does not match '*')."
Firefox seems NOT to understand that the "*" character as a "wildcard" origin (and not to be taken literally as the origin). If I change the header as below, this works perfectly.
header("Access-Control-Allow-Origin: http://localhost:8100");
Any idea why Firefox won't accept the "*"?
回答1:
In the case you just want YOUR firefox to enable CORS :
https://addons.mozilla.org/fr/firefox/addon/cors-everywhere/
来源:https://stackoverflow.com/questions/38237187/firefox-does-not-accept-access-control-allow-origin