1. 技术文章
  2. Firebase - Request header field x-firebase-gmpid is not allowed by Access-Control-Allow-Headers in preflight response

Firebase - Request header field x-firebase-gmpid is not allowed by Access-Control-Allow-Headers in preflight response

懵懂的女人 提交于 2020-04-02 16:00:16

问题


My product uses firebase rtdb, firestore, storage, auth, and hosting. I didn't make any changes to my CORS configuration. However, today I started getting the following CORS error while trying to upload images to storage, and retrieve them:

Access to XMLHttpRequest at 'https://firebasestorage.googleapis.com/v0/b/diary-a77f6.appspot.com/o?name=images%2FJ1gU3KPfo1cTHJXhT3iopBqrvVs1%2F-M1Ah4xCQ46GvEZtwgR1%2FBalboa%20Pier%2C%20California%20-%201600x1200%20-%20ID%2027253.jpg' from origin 'https://daybook.app' has been blocked by CORS policy: Request header field x-firebase-gmpid is not allowed by Access-Control-Allow-Headers in preflight response.

I tried Firebase Storage and Access-Control-Allow-Origin, https://cloud.google.com/storage/docs/configuring-cors, and https://firebase.google.com/docs/storage/web/download-files#cors_configuration to no avail.

My hosting config:

{
    "target": "prod",
    "public": "build/production",
    "ignore": [
        "firebase.json",
        "src/firebase/keys.js",
        "**/.*",
        "**/node_modules/**"
    ],
    "rewrites": [
        {
            "source": "**",
            "destination": "/index.html"
        }
    ],
    "headers": [
        {
            "source": "/**",
            "headers": [
                {
                    "key": "Cache-Control",
                    "value": "no-cache, no-store, must-revalidate"
                },
                {
                    "key": "Access-Control-Allow-Headers",
                    "value": "x-firebase-gmpid, Origin, Accept, Content-Type, X-Requested-With, Access-Control-Request-Method,Access-Control-Request-Headers, Authorization"
                }
            ]
        },
        {
            "source": "**/*.@(css|js)",
            "headers": [
                {
                    "key": "Cache-Control",
                    "value": "no-cache, no-store, must-revalidate max-age=0"
                }
            ]
        },
        {
            "source": "**/*.@(eot|otf|ttf|ttc|woff|font.css)",
            "headers": [
                {
                    "key": "Access-Control-Allow-Origin",
                    "value": "*"
                }
            ]
        },
        {
            "source": "**/*.@(jpg|jpeg|gif|png|webp|webp|svg)",
            "headers": [
                {
                    "key": "Cache-Control",
                    "value": "max-age=7200"
                }
            ]
        }
    ]
}

This is what I added recently while trying to fix the issue:

{
    "key": "Access-Control-Allow-Headers",
    "value": "x-firebase-gmpid, Origin, Accept, Content-Type, X-Requested-With, Access-Control-Request-Method,Access-Control-Request-Headers, Authorization"
}

回答1:


I think this was an issue with the Firestore JS client library. I rolled it back to version 7.9.0 from version 7.9.2 and the error went away.

edit: 7.9.3 contains the fix.



来源:https://stackoverflow.com/questions/60456895/firebase-request-header-field-x-firebase-gmpid-is-not-allowed-by-access-contro

标签
reactjs
firebase
cors
firebase-storage
firebase-hosting
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!