响应中"Access-Control-Allow-Credentials"标头的值为“",必须为"true" [英] he value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true'

查看:4046
本文介绍了响应中"Access-Control-Allow-Credentials"标头的值为“",必须为"true"的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

在我的应用程序中,我正在构建一个前端网站(在React上构建),并且我使用PHP作为后端. 我很容易收到错误消息:

in my application i'm building a frontend website (build on React) and i use PHP as my backend. I keey getting the error:

jquery.js:9600无法加载 http://localhost:81/: 响应中的"Access-Control-Allow-Credentials"标头为 当请求的凭据模式为包含"时,必须为"true". 因此,不允许访问来源' http://localhost:3000 .这 XMLHttpRequest发起的请求的凭据模式为 由withCredentials属性控制.

jquery.js:9600 Failed to load http://localhost:81/: The value of the 'Access-Control-Allow-Credentials' header in the response is '' which must be 'true' when the request's credentials mode is 'include'. Origin 'http://localhost:3000' is therefore not allowed access. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.

我的PHP标头是:

header('Access-Control-Allow-Origin: http://localhost:3000'); 
// header("Access-Control-Allow-Origin: *"); 
header('Content-Type: application/json');
header('Access-Control-Allow-Headers');
header('Access-Contol-Allow-Credentials: true');

我的前端请求看起来像这样:

my frontend request looks like this:

$.post(
    {
      async: false,

      type: "POST",
      url:'http://localhost:81',
      data: 
      {
        querytype: "dataRequest"
      },
      crossDomain : true,
      xhrFields: {
          withCredentials: true
      },
      complete: this.completed,
      success: this.reqsuccess,
      error: this.reqError
  });

推荐答案

您还没有为标题"Access-Control-Allow-Headers"指定值.该值应该是逗号分隔的允许的请求标头列表.标头是可选的,跨站点原始请求(CORS)不需要标头.请参阅: https://developer. mozilla.org/zh-CN/docs/Web/HTTP/Headers/Access-Control-Allow-Headers .

Well you have not specified values for the header "Access-Control-Allow-Headers". The value should be a comma separated list of request headers that are allowed. The header is optional and not required for Cross-Site Origin Requests (CORS). See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers.

这篇关于响应中"Access-Control-Allow-Credentials"标头的值为“",必须为"true"的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
PHP最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆