即使添加了身份验证令牌以获取艺术家的播放列表,Spotify API也会出现CORS错误

时间:2017-08-05 16:05:47

标签: angular cors spotify preflight

使用Spotify的API访问艺术家的播放列表需要使用身份验证令牌。我正在使用此link中显示的方法,但我收到以下错误:“预检响应中的Access-Control-Allow-Headers不允许请求标头字段0。”

平台:Ubuntu;浏览器:谷歌浏览器

更新:我的Angular服务用于检索艺术家的播放列表。

import { Injectable } from '@angular/core';
import { Http, Headers, Response, RequestOptions } from '@angular/http';
import 'rxjs/add/operator/map';

@Injectable()
export class SpotifyService {

  private searchUrl: string;
  private authToken: string= "My auth token here";

  constructor( private _http: Http ) { }

  get( query: string, type= "artist" ){

    let headers = new Headers([
      { 'Authorization': 'Bearer ' + this.authToken },
      { 'Accept': 'application/json' }
    ]); // ... Set content type to JSON
    let options = new RequestOptions({ headers: headers }); // Create a request option
    this.searchUrl = "https://api.spotify.com/v1/search?q=" + query + "&type=artist&market=US";

    return this._http.get( this.searchUrl, options )
          .map( response=> response.json() );
   }

}

Update2:添加请求和响应标头:

请求标题 Accept:*/* Accept-Encoding:gzip, deflate, br Accept-Language:en-US,en;q=0.8 Access-Control-Request-Headers:0,1,2 Access-Control-Request-Method:GET Connection:keep-alive DNT:1 Host:api.spotify.com Origin:http://localhost:4200 Referer:http://localhost:4200/ User-Agent:Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36

响应标题 Access-Control-Allow-Credentials:true Access-Control-Allow-Headers:Accept, Authorization, Origin, Content-Type Access-Control-Allow-Methods:GET, POST, OPTIONS, PUT, DELETE Access-Control-Allow-Origin:* Access-Control-Max-Age:604800 Connection:keep-alive Content-Length:0 Date:Sun, 06 Aug 2017 03:30:56 GMT Keep-Alive:timeout=600 Server:nginx Strict-Transport-Security:max-age=31536000; X-Content-Type-Options:nosniff

1 个答案:

答案 0 :(得分:1)

HTTP标头未传递给您的请求。

Angular的Headers构造函数需要一个对象,而不是一个数组。

您的代码应如下所示:

let headers = new Headers({
    'Authorization': 'Bearer ' + this.authToken,
    'Accept': 'application/json'
}); // ... Set content type to JSON