[英]ANGULAR: No 'Access-Control-Allow-Origin' header is present on the requested resource
[英]Randomly got No 'Access-Control-Allow-Origin' header is present
我用 EXPRESS.js 构建了一个 CDN 服务器,把它放在子域上,然后使用cors
package 来启用 CORS
var app = express();
app.use(cors({
methods: "GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS",
}));
function shouldCompress (req, res) {
if (req.headers['x-no-compression']) return false
return compression.filter(req, res)
}
app.use(compression({filter: shouldCompress}))
app.use(requestIp.mw());
app.use(helmet());
app.use(bodyParser.urlencoded({limit: '5mb', extended: false}));
app.use(bodyParser.json({limit: '5mb'}));
app.use(bodyParser.text({type: 'text/plain',limit: '5mb'}));
app.use(cookieParser());
但有时由于 CORS 政策,我的网站无法正确加载。
我使用https://www.test-cors.org
使用GET
和OPTIONS
测试这些链接。 一切都很好。
Access to XMLHttpRequest at 'https://cdn.boghrat.com//adm/notif.html' from origin 'https://boghrat.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
用这个
app.use(function (req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header(
"Access-Control-Allow-Methods",
"GET,HEAD,PUT,POST,OPTIONS,UPDATE,DELETE"
);
res.header(
"Access-Control-Allow-Headers",
"Origin, X-Requested-With, Content-Type, Accept, Authorization, token"
);
next();
});
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.