我尝试使用HttpModule从我的angular2-app(目前为RC5)请求restcountries.eu-API。
此操作失败,并显示以下错误消息:位置中的XMLHttpRequest cannot load https://restcountries.eu/rest/v1/name/deu. Request header field x-xsrf-token is not allowed by Access-Control-Allow-Headers in preflight response.:1
这听起来像我(或有角度)做错了什么。 问题:如何删除不允许的标头?
相关代码行:
import { Http } from '@angular/http';
(..)
constructor(private http: Http) { }
(..)
this.http.get("https://restcountries.eu/rest/v1/name/"+search)
请求预检标题:
OPTIONS /rest/v1/name/deu HTTP/1.1
Host: restcountries.eu
Connection: keep-alive
Access-Control-Request-Method: GET
Origin: http://localhost:4200
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/52.0.2743.116 Chrome/52.0.2743.116 Safari/537.36
Access-Control-Request-Headers: x-xsrf-token
Accept: */*
Referer: http://localhost:4200/admin/locations
Accept-Encoding: gzip, deflate, sdch, br
Accept-Language: de,eo;q=0.8,en-US;q=0.6,en;q=0.4,nl;q=0.2
预检的响应标题:
HTTP/1.1 200 OK
Date: Sat, 01 Oct 2016 12:48:56 GMT
Server: Apache-Coyote/1.1
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET
Access-Control-Allow-Headers: Accept, X-Requested-With
Cache-Control: public, max-age=86400
Allow: HEAD, GET, OPTIONS
Content-Type: text/plain
Vary: Accept-Encoding
Content-Encoding: gzip
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked