[英]request blocked by CORS policy even after setting headers
我编写了一个云函数,它接受请求并对请求执行处理。 当它来自相同的 API 域时,它按预期工作。 但是在跨 API 请求的情况下,我收到以下错误:
Access to XMLHttpRequest at ’URL' from origin ‘URL2’ has been blocked by CORS policy: Response to preflight request doesn’t pass access control check: No ‘Access-Control-Allow-Origin’ header is present on the requested resource.
即使我已经按照谷歌云平台的建议更改了代码,但它不起作用
if request.method == 'OPTIONS':
headers = {
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Methods': 'POST',
'Access-Control-Allow-Headers': 'Authorization',
'Access-Control-Max-Age': '3600',
'Access-Control-Allow-Credentials': 'true'
}
return ("",200,headers)
headers = {
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Methods': 'POST',
'Access-Control-Allow-Headers': 'Authorization',
'Access-Control-Max-Age': '3600',
'Access-Control-Allow-Credentials': 'true'
}
return ("Successfully inserted",200,headers)
在python中发送OPTIONS请求时,标题是
{'Access-Control-Allow-Credentials': 'true', 'Access-Control-Allow-Headers': 'Authorization', 'Access-Control-Allow-Methods': 'POST', 'Access-Control-Allow-Origin': '*', 'Access-Control-Max-Age': '3600', 'Content-Type': 'text/html; charset=utf-8', 'Function-Execution-Id': '6bkxaumbvg7x', 'X-Cloud-Trace-Context': '2fd8aec285f8af1d36c8c45ff1184a20;o=1', 'Date': 'Mon, 25 Mar 2019 09:41:08 GMT', 'Server': 'Google Frontend', 'Content-Length': '0', 'Alt-Svc': 'quic=":443"; ma=2592000; v="46,44,43,39"'}
请指教
我刚刚注释掉了下面用于向 python 代码发送请求的 AJAX 命令
//xhr.withCredentials = true;
//xhr.setRequestHeader("Postman-Token", "cecaf566-fd7a-4992-8b65-cc66c074f264");
它奏效了。 很抱歉没有首先发布 AJAX,因为我认为问题是从服务器端响应请求。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.