Angular 2 CORS在解決承諾時遇到問題

Question

我在Angular進行服務調用，它給了我錯誤

XMLHttpRequest cannot load http://geo.groupkt.com/ip/172.217.3.14/json. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access

當我看到網絡名稱時，我找到了json，當我看到詳細信息時，我找到了響應

Request URL:http://geo.groupkt.com/ip/172.217.3.14/json
Request Method:GET
Status Code:200 OK
Remote Address:127.0.0.1:8888
Response Headers
view source
Age:1
Cache-Control:no-cache, no-store, max-age=0, must-revalidate
Content-Encoding:gzip
Content-Length:232
Content-Type:application/json;charset=UTF-8
Date:Thu, 19 Jan 2017 14:51:51 GMT
Expires:0
Pragma:no-cache
Server:Apache-Coyote/1.1
Vary:Accept-Encoding
Via:1.1 localhost.localdomain
X-Content-Type-Options:nosniff
X-Frame-Options:DENY
X-XSS-Protection:1; mode=block
Request Headers
view source
Accept:application/json, text/plain, */*
Accept-Encoding:gzip, deflate, sdch
Accept-Language:en-US,en;q=0.8,hi;q=0.6,es;q=0.4
Host:geo.groupkt.com
Origin:http://localhost:3000
Proxy-Connection:keep-alive
Referer:http://localhost:3000/
User-Agent:Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2883.87 Safari/537.36

我現在懷疑，即使網絡說出呼叫，CORS也可能發生？ 為什么然后這樣說，再次當我調試代碼時，我無法取得成功。

Answer 1

CORS可防止對外部服務器進行JavaScript調用（例如，由於XSS）。 要授予您的應用程序權限以連接到您的服務器，它需要回復一些標題：

Access-Control-Allow-Origin: yourHost.com   <the most important one>
Access-Control-Allow-Methods: POST, GET, OPTIONS <list of methods which you want to perform>
Access-Control-Allow-Headers: authorization, content-type
Access-Control-Allow-Credentials: true

更多關於標題： https ： //developer.mozilla.org/en-US/docs/Web/HTTP/Headers section CORS

你可以在這里閱讀更多：

https://www.w3.org/TR/cors https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS