I have a Angular 5 application where i use simple GET request
public getData(url: any): Observable<any> {
return this.HttpClient.get(url).
.map((res) => res)
}
when i send request to server with http protocol - everything working ok (and in network tab of my chromium browser i see only one Access-Control-Allow-Origin: http://127.0.0.1:4200 ), but if i send request to https protocol to same server - i have error:
The 'Access-Control-Allow-Origin' header contains multiple values
'http://127.0.0.1:4200, *', but only one is allowed.
If open network tab - there we can see really two Access-Control-Allow-Origin:
Access-Control-Allow-Origin: http://127.0.0.1
Access-Control-Allow-Origin: *
How i an leave only one origin and why it happens when i use https? Now i cant change CORS on backend :(
From server side - GeoServer on nginx.
My nginx CORS config:
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';
add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';
include this in your web config file.
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
<add name="Access-Control-Allow-Headers" value="Content-Type, X-Your-Extra-Header-Key" />
<add name="Access-Control-Allow-Methods" value="GET, POST, PUT, DELETE,OPTIONS" />
</customHeaders>
</httpProtocol>
Let me know in what language you written your API functionality.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.