Question

在生产环境中向我的api请求时，会出现此错误

Access to XMLHttpRequest at 'http://...:300/api/ext/companies/sort=%22code%22:-1&limit=1' from origin
'http://...:90' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.

我该如何解决这个问题？

我的前端以角度5开发。

我的api是用nodejs开发的，这是我的配置

app.use((req, res, next) => {
  res.header('Access-Control-Allow-Origin', '*');
  res.header('Access-Control-Allow-Headers', 'X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, Authorization, Database');
  res.header('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, DELETE');
  res.header('Allow', 'GET, POST, OPTIONS, PUT, DELETE');

  next();
});

Answer 1

安装此package。

代替：

const express = require("express");

尝试一下：

const express = require("express").use("*", cors());

并删除它：

app.use((req, res, next) => {
  res.header('Access-Control-Allow-Origin', '*');
  res.header('Access-Control-Allow-Headers', 'X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method, Authorization, Database');
  res.header('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, DELETE');
  res.header('Allow', 'GET, POST, OPTIONS, PUT, DELETE');

  next();
});

为什么CORS策略会阻止我的IP进入我的API？

1 个答案: