在飞行前响应中，Access-Control-Allow-Methods不允许方法DELETE [英] Method DELETE is not allowed by Access-Control-Allow-Methods in preflight response

问题描述

我正在尝试发出DELETE ajax请求，但似乎无法使它工作.当我使用POSTMAN进行制作时，它可以工作.这是我的代码:

I am trying to make a DELETE ajax request but I can't seem to make it work. When I make it using POSTMAN it works. Here's my code:

这是我的请求，是使用jQuery的.ajax()方法发出的:

This is my request, made with jQuery's .ajax() method:

$.ajax({
    url: imageUrl,
    type: 'DELETE',
    crossDomain: true
});

在服务器上，使用node.js + express构建的另一个应用程序，我有:

On the server, a different app built with node.js + express, I have:

app.use(function(req, res, next) {
    res.header("Access-Control-Allow-Origin", "*");
    res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
    next();
});

---

最后，这些是我的请求，请求标头和响应标头:

---

And finally, these are my Request, Request Headers and Response Headers:

请求

Request URL:http://original/request/url
Request Method:OPTIONS
Status Code:200 OK
Remote Address:75.126.137.93:80 

请求标头

Accept:*
Accept-Encoding:gzip, deflate, sdch
Accept-Language:pt-BR,pt;q=0.8,en-US;q=0.6,en;q=0.4,es;q=0.2,gl;q=0.2
Access-Control-Request-Headers:
Access-Control-Request-Method:DELETE
Connection:keep-alive
Host:fs.bvodola.webfactional.com
Origin:http://localhost:3000
Referer:http://localhost:3000/landing/admin/add-page
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36

响应标题

Access-Control-Allow-Headers:Origin, X-Requested-With, Content-Type, Accept
Access-Control-Allow-Origin:*
Allow:GET,HEAD,DELETE
Connection:keep-alive
Content-Length:15
Content-Type:text/html; charset=utf-8
Date:Sat, 03 Sep 2016 23:34:17 GMT
ETag:W/"f-W+bYAIA7Bs2GwQecFLp1SA"
Server:nginx
X-Powered-By:Express

在控制台中，我得到以下信息:

And in the Console i get the following:

XMLHttpRequest无法加载 http://original/request/url .在飞行前响应中，Access-Control-Allow-Methods不允许使用方法DELETE.

XMLHttpRequest cannot load http://original/request/url. Method DELETE is not allowed by Access-Control-Allow-Methods in preflight response.

我该如何解决? 在一些StackOverflow问题上，我读到Access-Control-Allow-Headers必须与Access-Control-Request-Headers相同.但是，当我尝试在jQuery请求上进行设置时，会在控制台上看到以下内容:

How can I solve this? On some StackOverflow questions I read that Access-Control-Allow-Headers must the same as Access-Control-Request-Headers. But when I try to set it on the jQuery request, I get the following on the console:

拒绝设置不安全的标头"Access-Control-Request-Headers"

关于什么可能是错的任何想法?谢谢！

Any ideas of what might be wrong? Thanks!

我查看了以下StackOverflow问题，但找不到答案:

I have looked at the following StackOverflow questions but couldn't find the answer:

• Access-Control-Allow不允许删除-方法
• 始终在飞行前响应中，Access-Control-Allow-Methods不允许方法DELETE
• 访问控制权限-飞行前响应中的原始内容无法启用跨域访问
• 请求标头字段Access-Control-Allow-Header不允许Access-Control-Allow-Header

• DELETE is not allowed by Access-Control-Allow-Methods
• Always got Method DELETE is not allowed by Access-Control-Allow-Methods in preflight response
• Access-Control-Allow-Origin in preflight response doesn't enable cross-domain access
• Request header field Access-Control-Allow-Headers is not allowed by Access-Control-Allow-Headers

推荐答案

在响应头中添加Access-Control-Allow-Methods，并添加您想允许的逗号分隔方法:'GET, POST,DELETE...'

Add Access-Control-Allow-Methods as well in the response headers with the methods you would like to allow as comma separated: 'GET, POST,DELETE...'

这篇关于在飞行前响应中，Access-Control-Allow-Methods不允许方法DELETE的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！