我在发送带有标头中的令牌的CORS请求时遇到问题。 提取代码:
fetchApi() {
fetch('http://some-link.com',
{
headers: {
'Accept': 'application/json',
'auth-token': 'xxxxxxxxx'
},
method: "GET"
}).then(response => response.json())
.then(function(response){
this.setState({hits:response});
}).catch(function(error) { console.log(error); });
console.log(this.state.hits);
};
控制台日志: 从原点“ http://some-link.com”到“ http://localhost:3000”的获取操作已被CORS策略阻止:在飞行前响应中,Access-Control-Allow-Headers不允许请求标头字段auth-token。 >
网络请求日志:
General
Request URL: http://some-link.com
Request Method: OPTIONS
Status Code: 200 OK
Remote Address: some_ip:80
Referrer Policy: no-referrer-when-downgrade
Response Headers
Access-Control-Allow-Headers: origin, x-requested-with, content-type, auth_token
Access-Control-Allow-Methods: POST, GET, PUT, DELETE, OPTIONS
Access-Control-Allow-Origin: *
Cache-Control: no-cache, private
Connection: Keep-Alive
Content-Length: 8
Content-Type: application/json
Date: Tue, 13 Nov 2018 13:30:35 GMT
Keep-Alive: timeout=5, max=100
Server: Apache/2.4.10 (Debian)
Request Headers
Provisional headers are shown
Access-Control-Request-Headers: auth-token
Access-Control-Request-Method: GET
Origin: http://localhost:3000
Referer: http://localhost:3000/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36
任何想法可能有什么问题吗?
答案 0 :(得分:0)
您必须更改服务器设置以允许标头“ auth-token”。
执行此操作后,您的请求就会生效。
您当前允许使用“ auth_token”,而不是“ auth-token”。
或者,如下更改前端中的标头名称:
headers: {
'Accept': 'application/json',
'auth_token': 'xxxxxxxxx'
}