我必须对本地运行的内部API进行get调用,并且返回403错误。我得到的错误是
OPTIONS http://localhost:9070/path/to/api 403 (Forbidden)
Access to fetch at 'http://localhost:9070/path/to/api' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to the preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
我拥有调用此API的正确权限,并尝试绕过CORS问题,但我无法弄清楚。我已经将'mode': 'no-cors'和'Access-Control-Allow-Origin': '*',添加到我的get调用中(如下所示),但仍然收到403错误。
fetch(baseUri + '/path/to/api', {
method: 'get',
headers: {
'Authorization': 'the auth key',
'Access-Control-Allow-Origin': '*',
'mode': 'no-cors'
}
})
.then(response => response.json())
.then(json => console.log(json))
.catch(error => console.log(error.response));
我的服务器端代码包含以下字段
<cors domain="/path/to/api"
allowedOrigins="http://localhost:3000"
allowedMethods="GET, DELETE, POST"
allowCredentials="true"
maxAge="3600" />
感谢您的帮助。另外,这是我第一次发布问题。如果我做错了,请告诉我,我将修改问题:)