我收到错误:' Access-Control-Allow-Origin'标题包含多个值' *,*',但只允许一个。当我从我的应用程序进行Post Service调用时。
这不是webapi服务电话的问题,因为当我跟踪来自fiddler的电话时,我得到结果200 。但是从$ http.post调用即使在我获得200结果后也会抛出错误。我不知道为什么。它适用于IE,但它不适用于Chrome或Firefox。
在chrome和Firefox中抛出我: XMLHttpRequest无法加载** url 。 ' Access-Control-Allow-Origin'标头包含多个值' *,*',但只允许一个。因此,不允许来源 url 访问。**
请建议我需要将Chrome和Firefox中的哪些设置更改为符文。
$http.post(serviceBase + 'token', data, { headers: { 'Content-Type': 'application/x-www-form-urlencoded' } }).success(function (response) {
if (loginData.useRefreshTokens) {
localStorageService.set('authorizationData', { token: response.access_token, userName: loginData.userName, refreshToken: response.refresh_token, useRefreshTokens: true });
}
else {
localStorageService.set('authorizationData', { token: response.access_token, userName: loginData.userName, refreshToken: "", useRefreshTokens: false });
}
_authentication.isAuth = true;
_authentication.userName = loginData.userName;
_authentication.useRefreshTokens = loginData.useRefreshTokens;
deferred.resolve(response);
}).error(function (err, status) {
_logOut();
deferred.reject(err);
});

答案 0 :(得分:0)
如果您使用JAVA作为后端服务,则可能需要对HTTPRequests应用CORS过滤器。您可以通过添加如下所示的filterClass来完成此操作...
@Component
public class CorsFilter extends OncePerRequestFilter{
protected static Logger logger = LoggerFactory.getLogger(CorsFilter.class);
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain)
throws ServletException, IOException {
logger.info("entering FILTER page");
if (request.getHeader("Access-Control-Request-Method") != null && "OPTIONS".equals(request.getMethod())) {
// CORS "pre-flight" request
response.addHeader("Access-Control-Allow-Origin", "*");
response.addHeader("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS");
response.setHeader("Access-Control-Allow-Headers", "x-requested-with");
response.addHeader("Access-Control-Max-Age", "1800");//30 min
}
//This will filter your requests and responses.
filterChain.doFilter(request, response);
}
}