错误:请求标头字段在飞行前响应中不允许Access-Control-Allow-Headers进行授权 [英] Error: Request header field Authorization is not allowed by Access-Control-Allow-Headers in preflight response
问题描述
我正在Angular 2和Laravel 5.4中构建我的应用程序. Angular2用于客户端,而laravel 5.4用于服务器端.我在laravel中创建了API,并从Angular2请求这些API.
I am building my application in Angular 2 and Laravel 5.4. Angular2 is for client side and laravel 5.4 is for server side. I created APIs in laravel and requesting those APIs from Angular2.
在Laravel中,我配置了Oauth 2护照服务,该服务正在对所有API进行身份验证.在每个API调用中,我都在下面的标头中发送.
In Laravel, I configured Oauth 2 passport service which is authenticating all APIs. In each API call I am sending below headers.
内容类型",授权"
我如何使用标头调用API.
The way how I am calling APIs with headers.
private headers = new Headers({'Content-Type': 'application/json', 'Authorization': 'Bearer ' + localStorage.getItem('access_token') });
let body = JSON.stringify({ user_id, company_id });
console.log(this.headers);
this.http.post(this.BuyerCostSetting, body, {headers:this.headers} )
.subscribe(
response => {
console.log('here');
console.log(response);
},
error => {
console.log(error.text());
}
);
当我从Angular2中访问此API时,它显示以下错误:
When I am hitting this API from Angular2, it is showing the below error:
Request header field Authorization is not allowed by Access-Control-Allow-Headers in preflight response
推荐答案
错误消息很明显,后端不允许使用'Authorization'标头.
在您的后端Laravel应用程序中,您必须设置一个包含以下内容的响应标头:
The errormessage is clear, 'Authorization' header is not allowed by your backend.
In your backend Laravel application you have to set a response header containing:
Access-Control-Allow-Headers : 'Content-Type', 'Authorization'
在此处查看更多文档: https ://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers
see further documentation here: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers
这篇关于错误:请求标头字段在飞行前响应中不允许Access-Control-Allow-Headers进行授权的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
