发表新帖
发表新帖

cors enable in Request header field Access-Control-Allow-Origin is not allowed by Access-Control-Allow-Headers in preflight response

前端 未结
关注
1 862
Happy的楠姐
Happy的楠姐 2020-12-22 07:23

I\'m using spring boot service for backend and and angular 6 for frontend.

In spring boot i enabled cors using.

 @Override
 public void addCorsMappin
1条回答
  • 庸人自扰
    庸人自扰 (楼主)
    2020-12-22 07:55

    Got Answer...

    Removed this.headers.set("Access-Control-Allow-Origin", "*") from your frontend

    and

    added in backend in intercepter response..

    response.setHeader("Access-Control-Allow-Headers", "Authorization,Content-Type, Content-Range, Content-Disposition, Content-Description,Origin, X-Requested-With, sessionId"); response.setHeader("Access-Control-Allow-Origin", "*");

    When you start playing around with custom request headers you will get a CORS preflight. This is a request that uses the HTTP OPTIONS verb and includes several headers, one of which being Access-Control-Request-Headers listing the headers the client wants to include in the request.

You need to reply to that CORS preflight with the appropriate CORS headers to make this work. One of which is indeed Access-Control-Allow-Headers. That header needs to contain the same values the Access-Control-Request-Headers header contained (or more).

https://fetch.spec.whatwg.org/#http-cors-protocol explains this setup in more detail.

    solution is here

    0 讨论(0)
 看不清?
提交回复
热议问题