Access-Control-Allow-Headers 不允许请求头字段 Access-Control-Allow-Headers [英] Request header field Access-Control-Allow-Headers is not allowed by Access-Control-Allow-Headers

查看:93
本文介绍了Access-Control-Allow-Headers 不允许请求头字段 Access-Control-Allow-Headers的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在尝试使用 post 请求将文件发送到我的服务器,但是当它发送时会导致错误:

I'm trying to send files to my server with a post request, but when it sends it causes the error:

Access-Control-Allow-Headers 不允许请求标头字段 Content-Type.

Request header field Content-Type is not allowed by Access-Control-Allow-Headers.

所以我用谷歌搜索了错误并添加了标题:

So I googled the error and added the headers:

$http.post($rootScope.URL, {params: arguments}, {headers: {
    "Access-Control-Allow-Origin" : "*",
    "Access-Control-Allow-Methods" : "GET,POST,PUT,DELETE,OPTIONS",
    "Access-Control-Allow-Headers": "Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With"
}

然后我得到错误:

Access-Control-Allow-Headers 不允许请求头字段 Access-Control-Allow-Origin

Request header field Access-Control-Allow-Origin is not allowed by Access-Control-Allow-Headers

所以我用谷歌搜索了这个,我能找到的唯一一个类似的问题是提供了一半的答案,然后作为题外话关闭.我应该添加/删除哪些标题?

So I googled that and the only similar question I could find was provided a half answer then closed as off topic. What headers am I supposed to add/remove?

推荐答案

服务器(POST 请求发送到的服务器)需要包含 Access-Control-Allow-Headers 标头(等​​)在其响应中.将它们放入客户的请求中没有任何效果.

The server (that the POST request is sent to) needs to include the Access-Control-Allow-Headers header (etc) in its response. Putting them in your request from the client has no effect.

这是因为由服务器指定它接受跨域请求(并允许 Content-Type 请求标头等)——客户端无法决定本身,给定的服务器应该允许 CORS.

This is because it is up to the server to specify that it accepts cross-origin requests (and that it permits the Content-Type request header, and so on) – the client cannot decide for itself that a given server should allow CORS.

这篇关于Access-Control-Allow-Headers 不允许请求头字段 Access-Control-Allow-Headers的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆