1. 技术文章
  2. IBM Watson Conversation API: “Request header field Authorization is not allowed by Access-Control-Allow-Headers in preflight response”

IBM Watson Conversation API: “Request header field Authorization is not allowed by Access-Control-Allow-Headers in preflight response”

北战南征 提交于 2019-12-20 05:34:04

问题


I created a React-Native app that connected to the Watson REST APIs. Using the fetch library that is part of the ReactNative, everything was working well for getting the Workspaces list, like this:

    const myAuth = new Buffer(USR+':'+PWD).toString('base64');
    const myInit = {
        method: 'GET',
        headers: {
            'Accept': 'application/json',
            'Content-Type': 'application/json',
            'Origin': '',
            'Authorization': 'Basic ' + myAuth,
        }
    };

    return fetch(URL, myInit)
        .then((response) => response.json())
        .then((responseJson) => { ... }

I am now moving to React (rather than ReactNative) and the whatwg-fetch library. The same code does not work. First I got the error that:

Request header field Authorization is not allowed by Access-Control-Allow-Headers in preflight response.

Then reading the tens of threads about these type of issues it just became black magic. Adding headers for Access-Control-Allow-Methods, Access-Control-Allow-Headers, and the such. Nothing really worked so far. Eventually the problem became:

Request header field access-control-allow-headers is not allowed by Access-Control-Allow-Headers in preflight response.

Can someone point me please to an example or code that works please?

==============

UPDATES ...

Thank you @sideshowbarker and @FakeRainBrigand. I guess then a server side is a must for the browser client app.


回答1:


The browser is refusing to send your request because the server you're sending the request to hasn't enabled CORS, at least not with those headers.

The only solution without modifying the server you're targeting is to write your own server that makes the request on behalf of the client.




回答2:


Remove whatever client-side code is setting the Access-Control-Allow-Headers request header.

The header is a response header CORS-enabled servers send. You don’t set it from the client side.

Based on the error messages cited in the question, it sound like the server may already be correctly configured to send the right Access-Control-* headers. (Otherwise you’d instead be getting an error saying there’s no Access-Control-Allow-Origin in the response.)

The only error identifiable from the information in the question at this point is just that problem of the request including an Access-Control-Allow-Headers request header that shouldn’t be there.



来源:https://stackoverflow.com/questions/42358794/ibm-watson-conversation-api-request-header-field-authorization-is-not-allowed

标签
reactjs
react-native
cors
fetch-api
watson-conversation
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!