[英]XMLHttpRequest cannot load. Request header field password is not allowed by Access-Control-Allow-Headers in preflight response
执行ajax请求时收到以下错误消息
XMLHttpRequest cannot load. Request header field password is not allowed by Access-Control-Allow-Headers in preflight response.
我将以下内容用作dojo的标头:
'Authorization': 'Bearer ' + this.data.token,
'X-Requested-With': null,
'If-None-Match': null,
'Password': this.data.oneTimePassword
下图来自Chrome的Response Header。
我想知道:
您能否确认问题与不包含自定义标头password Access-Control-Allow-Headers ?
如果端点仅支持方法GET,则响应头中的Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS是否正确,而不应该仅是Access-Control-Allow-Methods: GET ?
目前,我正在使用dojo/store/JsonRest但我认为问题与API有关,而与dojo本身无关。
“与Access-Control-Allow-Headers有关的问题不包含自定义标头密码吗?
是。 错误消息明确指出。
如果端点仅支持方法GET,我的API中的Access-Control-Allow-Methods是否正确?
FSVO正确。
它允许GET,因此您可以发出GET请求。
它还允许其他方法,如果浏览器尝试使用其中一种方法发出请求,则服务器可能会抛出405。
预检响应中的 Access-Control-Allow-Headers 不允许 XMLHttpRequest 请求标头字段 postman-token
[英]XMLHttpRequest Request header field postman-token is not allowed by Access-Control-Allow-Headers in preflight response
请求标头字段Access-Control-Allow-Headers在预检响应中不允许使用Access-Control-Allow-Headers
[英]Request header field Access-Control-Allow-Headers is not allowed by Access-Control-Allow-Headers in preflight response
XMLHttpRequest 已被 CORS 策略阻止:请求 header 字段内容类型在预检响应中不允许访问控制允许标头
[英]XMLHttpRequest has been blocked by CORS policy: Request header field content-type is not allowed by Access-Control-Allow-Headers in preflight response
飞行前响应中的Access-Control-Allow-Headers不允许请求标头字段Access-Control-Request-Methods
[英]Request header field Access-Control-Request-Methods is not allowed by Access-Control-Allow-Headers in preflight response
预检响应中的 Access-Control-Allow-Headers 不允许 Angularjs 请求标头字段 Access-Control-Allow-Headers
[英]Angularjs Request header field Access-Control-Allow-Headers is not allowed by Access-Control-Allow-Headers in preflight response
请求标头字段在预检响应中,Access-Control-Allow-Headers不允许使用If-None-Match
[英]Request header field If-None-Match is not allowed by Access-Control-Allow-Headers in preflight response
预检响应中的 Access-Control-Allow-Headers 不允许请求标头字段身份验证
[英]Request header field authentication is not allowed by Access-Control-Allow-Headers in preflight response
预检响应中的 Access-Control-Allow-Headers 不允许请求 header 字段授权
[英]Request header field authorization is not allowed by Access-Control-Allow-Headers in preflight response
NodeJS + ExpressJS:预检响应中的 Access-Control-Allow-Headers 不允许请求标头字段
[英]NodeJS + ExpressJS: Request header field not allowed by Access-Control-Allow-Headers in preflight response
预检响应中的 Access-Control-Allow-Headers 不允许请求头字段授权。 (nginx)
[英]Request header field Authorization is not allowed by Access-Control-Allow-Headers in preflight response. (nginx)
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.