即使使用Auth Pre-Flight，也无法使用Python Falcon进行CORS失败 [英] CORS failure in with Python Falcon even with heads for Auth Pre-Flight

问题描述

在Angular2 http.get(URL，options)中使用 OPTIONS动词时，即使在Falcon Rest API中设置了适当的CORS标头，也会收到这些错误.

Receiving these error when using the OPTIONS verb in Angular2 http.get(url, options), even though the appropriate CORS headers are set in Falcon Rest API.

XMLHttpRequest无法加载 http://localhost:8000/names .请求标头 字段中的Access-Control-Allow-Header不允许授权 飞行前反应.

XMLHttpRequest cannot load http://localhost:8000/names. Request header field Authorization is not allowed by Access-Control-Allow-Headers in preflight response.

resp.set_header("Access-Control-Allow-Origin", "*")
        resp.set_header("Access-Control-Allow-Credentials", "true")
        resp.set_header("Access-Control-Allow-Methods", "GET,HEAD,OPTIONS,POST,PUT")
        resp.set_header("Access-Control-Allow-Headers",
                       "Access-Control-Allow-Headers, Origin,Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers")

对于非OPTIONS/正常的http.get()请求，此方法工作正常.

For non OPTIONS / normal http.get() requests this works fine.

推荐答案

使用falcon_cors解决了此问题，特别是通过设置 allow_all_methods = True

Resolved this using falcon_cors, specifically by setting allow_all_methods=True

pip安装falcon-cors

pip install falcon-cors

from falcon_cors import CORS

cors = CORS(allow_origins_list=['http://localhost:3000'],
            allow_all_headers=True,
            allow_all_methods=True)

api = falcon.API(middleware=[cors.middleware])

这篇关于即使使用Auth Pre-Flight，也无法使用Python Falcon进行CORS失败的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！