[英]XMLHttpRequest cannot load. Request header field password is not allowed by Access-Control-Allow-Headers in preflight response
執行ajax請求時收到以下錯誤消息
XMLHttpRequest cannot load. Request header field password is not allowed by Access-Control-Allow-Headers in preflight response.
我將以下內容用作dojo的標頭:
'Authorization': 'Bearer ' + this.data.token,
'X-Requested-With': null,
'If-None-Match': null,
'Password': this.data.oneTimePassword
下圖來自Chrome的Response Header。
我想知道:
您能否確認問題與不包含自定義標頭password Access-Control-Allow-Headers ?
如果端點僅支持方法GET,則響應頭中的Access-Control-Allow-Methods: GET, POST, PUT, OPTIONS是否正確,而不應該僅是Access-Control-Allow-Methods: GET ?
目前,我正在使用dojo/store/JsonRest但我認為問題與API有關,而與dojo本身無關。
“與Access-Control-Allow-Headers有關的問題不包含自定義標頭密碼嗎?
是。 錯誤消息明確指出。
如果端點僅支持方法GET,我的API中的Access-Control-Allow-Methods是否正確?
FSVO正確。
它允許GET,因此您可以發出GET請求。
它還允許其他方法,如果瀏覽器嘗試使用其中一種方法發出請求,則服務器可能會拋出405。
預檢響應中的 Access-Control-Allow-Headers 不允許 XMLHttpRequest 請求標頭字段 postman-token
[英]XMLHttpRequest Request header field postman-token is not allowed by Access-Control-Allow-Headers in preflight response
請求標頭字段Access-Control-Allow-Headers在預檢響應中不允許使用Access-Control-Allow-Headers
[英]Request header field Access-Control-Allow-Headers is not allowed by Access-Control-Allow-Headers in preflight response
XMLHttpRequest 已被 CORS 策略阻止:請求 header 字段內容類型在預檢響應中不允許訪問控制允許標頭
[英]XMLHttpRequest has been blocked by CORS policy: Request header field content-type is not allowed by Access-Control-Allow-Headers in preflight response
飛行前響應中的Access-Control-Allow-Headers不允許請求標頭字段Access-Control-Request-Methods
[英]Request header field Access-Control-Request-Methods is not allowed by Access-Control-Allow-Headers in preflight response
預檢響應中的 Access-Control-Allow-Headers 不允許 Angularjs 請求標頭字段 Access-Control-Allow-Headers
[英]Angularjs Request header field Access-Control-Allow-Headers is not allowed by Access-Control-Allow-Headers in preflight response
請求標頭字段在預檢響應中,Access-Control-Allow-Headers不允許使用If-None-Match
[英]Request header field If-None-Match is not allowed by Access-Control-Allow-Headers in preflight response
預檢響應中的 Access-Control-Allow-Headers 不允許請求標頭字段身份驗證
[英]Request header field authentication is not allowed by Access-Control-Allow-Headers in preflight response
預檢響應中的 Access-Control-Allow-Headers 不允許請求 header 字段授權
[英]Request header field authorization is not allowed by Access-Control-Allow-Headers in preflight response
NodeJS + ExpressJS:預檢響應中的 Access-Control-Allow-Headers 不允許請求標頭字段
[英]NodeJS + ExpressJS: Request header field not allowed by Access-Control-Allow-Headers in preflight response
預檢響應中的 Access-Control-Allow-Headers 不允許請求頭字段授權。 (nginx)
[英]Request header field Authorization is not allowed by Access-Control-Allow-Headers in preflight response. (nginx)
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.