Access-Control-Allow-Headers 不允许请求标头字段 Access-Control-Allow-Headers
我正在尝试使用 post 请求将文件发送到我的服务器,但是当它发送时会导致错误:
I'm trying to send files to my server with a post request, but when it sends it causes the error:
Access-Control-Allow-Headers 不允许请求标头字段 Content-Type.
Request header field Content-Type is not allowed by Access-Control-Allow-Headers.
所以我用谷歌搜索了错误并添加了标题:
So I googled the error and added the headers:
$http.post($rootScope.URL, {params: arguments}, {headers: {
"Access-Control-Allow-Origin" : "*",
"Access-Control-Allow-Methods" : "GET,POST,PUT,DELETE,OPTIONS",
"Access-Control-Allow-Headers": "Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With"
}
然后我得到错误:
Access-Control-Allow-Headers 不允许请求标头字段 Access-Control-Allow-Origin
Request header field Access-Control-Allow-Origin is not allowed by Access-Control-Allow-Headers
所以我用谷歌搜索了这个问题,我能找到的唯一类似问题是提供了一半的答案,然后作为离题关闭.我应该添加/删除哪些标题?
So I googled that and the only similar question I could find was provided a half answer then closed as off topic. What headers am I supposed to add/remove?
推荐答案
服务器(POST请求发送到的)需要包含Access-Control-Allow-Headers 标头(等)在其响应中.将它们放入来自客户端的请求中没有任何效果.
The server (that the POST request is sent to) needs to include the Access-Control-Allow-Headers header (etc) in its response. Putting them in your request from the client has no effect.
这是因为由服务器指定它接受跨域请求(并且它允许 Content-Type 请求标头,等等)——客户端无法决定给定服务器本身应该允许 CORS.
This is because it is up to the server to specify that it accepts cross-origin requests (and that it permits the Content-Type request header, and so on) – the client cannot decide for itself that a given server should allow CORS.
相关文章