我有一个控制器式的REST Web服务端点,如果我发布非空内容,它将在浏览器中工作,但当内容为空时,浏览器返回:
No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access. The response had HTTP status code 403. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
以下是包含有效内容的请求:
POST /my/controller/resource HTTP/1.1
Host: localhost:8083
Connection: keep-alive
Content-Length: 1
accept: application/json
Origin: null
Authorization: Bearer JWT
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36
Content-Type: application/json
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
HTTP/1.1 204 No Content
Server: Apache-Coyote/1.1
Access-Control-Allow-Origin: null
Access-Control-Allow-Credentials: true
Content-Language: en-US
Date: Thu, 15 Feb 2018 13:44:53 GMT
这是一个没有内容无效的请求
POST /my/controller/resource HTTP/1.1
Host: localhost:8083
Connection: keep-alive
Content-Length: 0
accept: application/json
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36
Authorization: Bearer JWT
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
HTTP/1.1 403 Forbidden
Server: Apache-Coyote/1.1
Content-Type: text/plain
Content-Length: 0
Date: Thu, 15 Feb 2018 13:42:16 GMT
任何人都可以解释为什么没有内容的请求不起作用 - 以及我可以采取哪些措施来纠正这个问题?
答案 0 :(得分:0)
这似乎不是CORS错误 - 服务器设置为不允许零内容长度的POST请求。这就是抛出403错误响应的原因。