angular2将自定义标头添加到POST请求

时间:2017-07-10 11:05:32

标签: angular cors angular-http

我正在通过POST向某个数据提交API请求,但我一直收到错误request header field UniqueClientID is not allowed by Access-Control-Allow-Headers in preflight response

此标头专门添加到请求中,但CORS预检选项请求阻止它。如何在请求和响应中允许此标头?

这是我的函数调用

fetchReservation(reservationID: number) {
    let URI = `${AppService.API_URI}${AppService.MOBILE_PATH}${AppService.PROPERTY_ID}/reservation/${reservationID}`;
    let headers = new Headers();
    headers.append('Authorization', 'Bearer ' + AppService.AUTH_TOKEN);
    headers.append('UniqueClientID', '0');

    return this._http.post(URI, '', { headers: headers })
      // ...and calling .json() on the response to return data
      .map((res: Response) => res)
      //...errors if any
      .catch(this._errorHandler);
  }

API正在运行.NET后端,所有CORS请求都通过[EnableCors(origins: "*", headers: "*", methods: "*")]启用所有GET请求都正常工作

3 个答案:

答案 0 :(得分:0)

在你的后端你应该允许访问,这里有一个PHP示例:

header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST');
header('Access-Control-Allow-Headers: X-Requested-With, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers');

如果您不允许在后端使用跨域,则无法访问该域。

希望它有所帮助! ;)

答案 1 :(得分:0)

您使用的是用于服务器端开发的任何技术。在每个回复中,您必须在服务器端包含 library(shiny) ymax <- 100 ymin <- 0 ui <- fluidPage( sidebarPanel( h3("See"), numericInput("yinter", "Vertical interval (m)", min = 0, max = ymax, value = 50, step = 0.5), numericInput("movepercent", "Scroll interval (%)", min = 0, max = 100, value = 15, step = 5), numericInput("heightNumeric", "Height (m)", min = ymin, max = ymax, value = ymin, step = 1), sliderInput("heightSlider","Height (m)",min = ymin, max = ymax, value = ymin,step=0.01), actionButton("up","",icon("arrow-up"), width = "100%"), actionButton("down","",icon("arrow-down"), width = "100%",""), width=2 ), sidebarPanel( plotOutput("plot1",height = 800) ) ) server <- function(input, output, clientData, session) { values <- reactiveValues(i = 0) values$i <- 0 observeEvent(input$up, { values$i <- values$i + input$yinter*(input$movepercent/100) }, priority = 1) observeEvent(input$down, { values$i <- values$i - input$yinter*(input$movepercent/100) }, priority = 2) observeEvent(input$heightSlider, { values$i <- input$heightSlider }, priority = 3) observeEvent(input$heightNumeric, { values$i <- input$heightNumeric }, priority = 4) observe({ if (input$up==0 & input$down==0) return() isolate({ updateNumericInput(session,"heightNumeric",value = values$i) }) }) observe({ if (input$up==0 & input$down==0) return() isolate({ updateSliderInput(session,"heightSlider",value = values$i) }) }) output$plot1 <- renderPlot({ plot(seq(from=0,to=1,by=0.0001),seq(from=0,to=100,by=0.01), type="l",ylim=c(values$i-input$yinter/2, values$i+input$yinter/2)) }) } shinyApp(ui = ui, server = server) 等响应标头

答案 2 :(得分:0)

response.header(&#39; Access-Control-Allow-Origin:*&#39;);

response.header(&#39; Access-Control-Allow-Methods:GET,POST&#39;);

response.header(&#39; Access-Control-Allow-Headers:X-Requested-With,content-type,access-control-allow-origin,access-control-allow-methods,access-control-allow -headers&#39);

response.header(&#39; Access-Control-Allow-Credentials:true&#39;);

哈克: -

如果您在chrome上运行它,您也可以通过以下命令禁用它: -

打开运行 - &gt;

chrome.exe --user-data-dir =&#34; C:// Chrome开发者会话&#34; - 禁用网络的安全性

在打开的窗口中浏览。我希望你能通过这个运行应用程序。