完整的错误消息是: 对预检请求的响应未通过访问控制检查:所请求的资源上没有“ Access-Control-Allow-Origin”标头。
我已经在同一IP地址上编写了Rest服务和前端应用程序。当前端服务调用其余服务时,它将给出该错误。
我通常将所有Response对象构建如下:
return Response.ok().status(200).entity("WORKED")
.header("Access-Control-Allow-Origin", "*")
.header("Access-Control-Allow-Headers","Origin, X-Requested-With, Content-Type, Accept")
.header("Access-Control-Allow-Methods", "GET").build();
很显然,我正在向Response添加Access-Control-Allow-Origin标头,那该怎么办?我还测试了这些标头实际上是通过添加和删除它们而添加到响应中的,并查看响应中标头的外观
AJAX通话:
$("#submitButton")
.click(function() {
$.ajax({
url: "http://someipaddress:8080/InternalEmailProject/rest/service/auth",
headers: {
"Access-Control-Allow-Origin" : "*", // Required for CORS support to work
"Access-Control-Allow-Credentials" : true ,
'Access-Control-Max-Age': '3600',
'Access-Control-Allow-Headers': 'Content-Type, Authorization, x-id, Content-Length, X-Requested-With',
'Access-Control-Allow-Methods': 'GET, POST, PUT, DELETE, OPTIONS',
'emailAddress': [$( "#inputOne").val()],
'password': [$( '#inputTwo').val()]},
method: 'GET',
async: true,
success: function(
resultData) {
if(resultData==="DIDNT WORK"){
$("h1").html(
"Bad Username/Password");
}
else {
document.cookie = "username=" +
$("#inputOne").val();
window.location
// .replace("http://localhost:8080/InternalEmailProject/mainscreen.html");
.replace("http://localhost:8080/InternalEmailProject/mainscreen.html");
}
}
});
});