预检响应中的Access-Control-Allow-Headers不允许使用Angularjs Request头字段Access-Control-Allow-Headers

时间:2016-05-11 18:57:39

标签: javascript angularjs node.js

我知道有很多重复的问题。我尝试了那里给出的所有解决方案,但仍然无效。

  

XMLHttpRequest无法加载http://localhost:3000/api/create。在预检响应中,Access-Control-Allow-Headers不允许使用请求标题字段Access-Control-Allow-Headers。

     

angularjs代码 

$httpProvider.defaults.headers.common = {};
        $httpProvider.defaults.headers.post = {};
        $httpProvider.defaults.headers.put = {};
        $httpProvider.defaults.headers.patch = {};
        $httpProvider.defaults.headers.get = {};
        $httpProvider.defaults.headers.common['Access-Control-Allow-     Headers'] = '*';
        $httpProvider.defaults.useXDomain = true;
        delete $httpProvider.defaults.headers.common['X-Requested-With'];

        $httpProvider.interceptors.push(['$injector',function($injector) {
            var mainFactory = $injector.get('mainFactory');
            return {
                request: function(config) {
                    var token = mainFactory.getToken();
                    config.headers.Authorization = 'Basic '+token;
                    return config;
                },

                response: function(response) {
                    return response;
                }
            };
}]);
  

nodejs代码

app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header('Access-Control-Allow-Methods','GET,PUT,POST,DELETE,OPTIONS');
res.header('Access-Control-Allow-Headers','Content-Type,Authorization');
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Accept");
next();
});

3 个答案:

答案 0 :(得分:2)

感谢您的评论。我通过安装一个npm包cors修复了它。我认为错误发生在服务器端,就像@Katana314提到的那样。

    $httpProvider.defaults.headers.common = {};
    $httpProvider.defaults.headers.post = {};
    $httpProvider.defaults.headers.put = {};
    $httpProvider.defaults.headers.patch = {};
    $httpProvider.defaults.headers.get = {};
    $httpProvider.defaults.headers.common['Access-Control-Allow-Headers'] = '*';
    $httpProvider.defaults.useXDomain = true;
    delete $httpProvider.defaults.headers.common['X-Requested-With'];
  

所有这些默认标题也可以删除。它工作正常。

答案 1 :(得分:1)

这是后端问题。如果在后端使用sails api更改 cors.js 并在此处添加所有标头文件

module.exports.cors = {
  allRoutes: true,
  origin: '*',
  credentials: true,
  methods: 'GET, POST, PUT, DELETE, OPTIONS, HEAD',
  headers: 'Origin, X-Requested-With, Content-Type, Accept, Engaged-Auth-Token'
};

答案 2 :(得分:-1)

jQuery(document).ready( function($) {
    $('.icon.icon-arrow-right').one("click", function(){
        function adBlockDetected() {
          $(".single-gallery div.owl-wrapper div.owl-item:eq(3)").remove();           
           $(".single-gallery div.owl-wrapper div.owl-item:eq(3)").append("<div class='panel-display'><div class='panel_content'>We noticed that you are using an ad blocker</div></div>");
        }
        function adBlockNotDetected() {


        }

        if(typeof blockAdBlock === 'undefined') {
          adBlockDetected();
        } else {
          blockAdBlock.setOption({ debug: true });
          blockAdBlock.onDetected(adBlockDetected).onNotDetected(adBlockNotDetected);
        }

        function checkAgain() {
          $('#block-adb-enabled').hide();
          $('#block-adb-not-enabled').hide();
          // setTimeout 300ms for the recheck is visible when you click on the button
          setTimeout(function() {
            if(typeof blockAdBlock === 'undefined') {
              adBlockDetected();
            } else {
              blockAdBlock.onDetected(adBlockDetected).onNotDetected(adBlockNotDetected);
              blockAdBlock.check();
            }
          }, 300);
        }
    });
  });
相关问题
最新问题