堆栈内存溢出
  简体   繁体   English

CORS 策略:无法解析预检响应中的 Access-Control-Allow-Headers 响应头字段

[英]CORS policy: Cannot parse Access-Control-Allow-Headers response header field in preflight response

 原文  2021-06-28 16:42:16       java/ angular/ cors

问题描述

I have a CORS issue with my angular & spring boot app.我的 angular & spring boot 应用程序存在 CORS 问题。 I don't understand what it is.我不明白它是什么。

CORS policy error CORS 政策错误

My angular code :我的角度代码: 

 login(user : User) { return this.http.post<User>(this.apiURL+'/login', user , {observe:'response'}); }

and to the server side, i allow cross origin like that在服务器端,我允许像那样交叉原点

 response.addHeader("Access-Control-Allow-Origin", "*"); response.addHeader("Access-Control-Allow-Methods", "GET,HEAD,OPTIONS,POST,PUT,DELETE"); response.addHeader("Access-Control-Allow-Headers", "Access-Control-Allow-Headers," + "Origin, Accept, X - Requested - With, Content - Type, Access - Control - Request - Method," + "Access - Control - Request - Headers, Authorization"); response.addHeader("Access-Control-Expose-Headers", "Authorization, Access-ControlAllow-Origin,Access-Control-Allow-Credentials "); if (request.getMethod().equals("OPTIONS")) { response.setStatus(HttpServletResponse.SC_OK); return; }

1 个解决方案

解决方案1
 0  2021-06-28 18:01:30

In your Spring application you should have a security configuration file, you can call it SecurityConfig.java.在您的 Spring 应用程序中,您应该有一个安全配置文件,您可以将其命名为 SecurityConfig.java。

@Configuration
public class SecurityConfig extends WebSecurityConfigurerAdapter {

@Override
    protected void configure(HttpSecurity httpSecurity) throws Exception {
        httpSecurity
                .cors()
                .configurationSource(corsConfigurationSource())
                // other config here
    }

 CorsConfigurationSource corsConfigurationSource() {
    CorsConfiguration configuration = new CorsConfiguration();
    configuration.setAllowedMethods(Arrays.asList("GET", "POST", "PUT", "DELETE"));

    UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
    source.registerCorsConfiguration("/**", configuration.applyPermitDefaultValues());
    return source;
}

} }

Try this and see if it works.试试这个,看看它是否有效。

In your Spring Controller you should also have this annotation before your controller class @CrossOrigin(origins = "http://localhost:4200") Check if 4200 is the port you use for your Angular app, if not change it with your port.在您的 Spring Controller 中,您还应该在控制器类之前添加此注释 @CrossOrigin(origins = "http://localhost:4200") 检查 4200 是否是您用于 Angular 应用程序的端口,如果不是用您的端口更改它。

@CrossOrigin(origins = "http://localhost:4201")
@RestController
public class YourController {
....

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 在飞行前响应中,Access-Control-Allow-Headers不允许在Request标头字段中使用cors enable Access-Control-Allow-Origin - cors enable in Request header field Access-Control-Allow-Origin is not allowed by Access-Control-Allow-Headers in preflight response 预检响应中的 Access-Control-Allow-Headers 不允许请求标头字段 - Request header field is not allowed by Access-Control-Allow-Headers in preflight response 预检响应中的 Access-Control-Allow-Headers 不允许请求 header 字段 x-xsrf-token - Request header field x-xsrf-token is not allowed by Access-Control-Allow-Headers in preflight response 预检响应中的 Access-Control-Allow-Headers 不允许请求 header 字段 ack 即使服务器已经允许它 - Request header field ack is not allowed by Access-Control-Allow-Headers in preflight response even the server already allowing it Angular Spring Boot:重定向错误:在飞行前响应中Access-Control-Allow-Headers不允许请求标头字段Content-Type - Angular Spring Boot: Redirection error: Request header field Content-Type is not allowed by Access-Control-Allow-Headers in preflight response JAX-RX - 被 CORS 策略阻止:预检响应中的 Access-Control-Allow-Methods 不允许方法 PATCH - JAX-RX - Blocked by CORS policy: Method PATCH is not allowed by Access-Control-Allow-Methods in preflight response 访问已被 CORS 策略阻止,即使预检响应成功“Access-Control-Allow-Origin”通配符存在 - Access has been blocked by CORS policy even though preflight Response is successful 'Access-Control-Allow-Origin' wildcard exists CORS 策略:对预检请求的响应未通过访问控制检查:它没有 HTTP ok 状态 - CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status 对预检请求的响应未通过访问控制检查:不存在“Access-Control-Allow-Origin”标头 - Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present CORS 策略已阻止从源访问 XMLHttpRequest:对预检请求的响应未通过访问控制检查: - Access to XMLHttpRequest from origin has been blocked by CORS policy: Response to preflight request doesn't pass access control check:
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM