我正在尝试从位于localhost的开发版本访问远程服务器。我是第一个尝试使用Firefox的人,其他人都尝试使用Chrome,该工具可以正常工作。
Request URL: https://alexander.deployment.local/api/v1/PageInfo/current
Request method: OPTIONS
Remote address: 192.168....
Status Code: 200 OK
Version: HTTP/1.1
Referrer Policy: no-referrer-when-downgrade
Request headers:
Accept: text/html,application/xhtml+xm…ml;q=0.9,image/webp,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.5
Access-Control-Request-Headers: content-type,x-requested-with
Access-Control-Request-Method: GET
Cache-Control: max-age=0
Connection: keep-alive
Host: alexander.deployment.local
Origin: http://localhost:1842
Referer: http://localhost:1842/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; …) Gecko/20100101 Firefox/65.0
Response headers:
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Content-Type,Accept,X-Requested-With
Access-Control-Allow-Methods: POST,GET,PUT,DELETE,OPTIONS
Access-Control-Allow-Origin: http://localhost:1842
Cache-Control: private
Content-Encoding: gzip
Content-Length: 244
Content-Type: text/html; charset=utf-8
Date: Fri, 08 Feb 2019 12:36:08 GMT
Location: /Login?ReturnUrl=%2fapi%2fv1%2fPageInfo%2fcurrent
Server: Microsoft-IIS/10.0
Vary: Accept-Encoding
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
Firefox错误消息:
跨域请求被阻止:“同源起源”策略禁止读取https://alexander.deployment.local/api/v1/PageInfo/current处的远程资源。 (原因:CORS标头“ Access-Control-Allow-Origin”与“ http://localhost:1842,*”不匹配)
奇怪的是,Access-Control-Allow-Origin标头准确地表示了 Origin 的值,应该允许该请求通过。为什么Firefox为什么希望逗号逗号组合而不是Chrome?