CORS失败,但CORS头存在,错误:预检响应中的Access-Control-Allow-Header不允许Cache-Control

时间:2017-10-10 21:00:42

标签: spring-boot cors

在尝试向我的弹簧后端发送请求时,Chrome中的开发面板中出现两个错误。我已经设置了一个CORS servlet过滤器来添加标头。我得到的错误是:

main.7851a9cd.js:1 Error during service worker registration: 
DOMException: Only secure origins are allowed (see: tinyUrl removed).
(anonymous) @ main.7851a9cd.js:1
Promise rejected (async)
o @ main.7851a9cd.js:1
(anonymous) @ main.7851a9cd.js:1
/#/join:1 Failed to load http://ec2-54-148-176-27.us-west-
2.compute.amazonaws.com:8282/register_by_email: Request header field 
Cache-Control is not allowed by Access-Control-Allow-Headers in 
preflight response.

我的过滤器:

@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
    log.debug("CORSFilter.doFilter()");
    HttpServletResponse response = (HttpServletResponse) servletResponse;
    DataOutputStream dos = new DataOutputStream(response.getOutputStream());
    int len = dos.size();
    HttpServletRequest request= (HttpServletRequest) servletRequest;

    response.setHeader("Access-Control-Allow-Origin", "*");
    response.setHeader("Access-Control-Allow-Methods", "GET,POST,DELETE,PUT,OPTIONS");
    response.setHeader("Access-Control-Allow-Headers", "*");
    response.setHeader("Access-Control-Allow-Credentials", "true");
    response.setHeader("Access-Control-Max-Age", "180");
    response.setHeader("Content-Type", "application/json");
    response.setHeader("Content-Length", ""+len);
    filterChain.doFilter(servletRequest, servletResponse);
}

开发小组: enter image description here

2 个答案:

答案 0 :(得分:1)

经过一些试验和错误后,我能够通过将请求中看到的所有标头添加到响应中的Access-Control-Allow-Headers标头来实现它的工作:

I bit_twiddle_permute3(I v) {
    int n = __builtin_ctz(v);
    I s = v >> n;  
    I t = s + 1;  
    if (v == 0 || t << n == 0) { return s; }
    I w = (t << n) | ((~t & s) >> 1);
    return w;
}

答案 1 :(得分:0)

Access-Control-Allow-Headers: *尚不支持。 https://crbug.com/615313

相关问题
最新问题