邮递员解决“无效的 CORS 请求"对于 POST 请求 [英] Postman Resolving "Invalid CORS request" for a POST Request

问题描述

我刚刚开始使用 Postman 来测试我正在集成的 API.

我有以下错误不断出现

<块引用>

无效的 CORS 请求

注意以下几点:

1. API 使用不记名令牌身份验证 (OAuth2).我有这个工作没有问题.
2. 我确实成功获取了不记名令牌，将其分配给环境变量，然后尝试将其用于 RESTful 操作.
3. 问题出在使用令牌的后续 RESTful 操作中.
4. 当我使用旧令牌(通过 POST 操作)时，它理所当然地告诉我它已过期且未授权.
5. 当我生成一个新的并尝试运行 restful 调用时，它给了我 Invalid CORS request 错误.
6. 使用 cURL，我没有问题.但是邮递员让我很沮丧.

到目前为止我发现了什么:

1. 解决方案

   这是您再次找到的答案:

   <块引用>

   以防万一其他人有同样的问题，这里是如何解决它.在 Chrome 浏览器中转到 https://www.getpostman.com/docs/capture.单击拦截器扩展，然后选择添加到 chrome.添加后，浏览器和邮递员的右上角都会出现一个看起来像红绿灯的新图标.在邮递员中单击此按钮，它会变为绿色.

   ... 粗体翻译:

   <块引用>

   然后向您的请求添加标头.标头 Key 应该是Origin"，标头 Value 应该是您服务器的完整 URL(不要忘记 http:// 或 https://).

   请注意，如果没有 Interceptor 插件，Chrome/Postman 将不允许您添加带有 Key of Origin 的 Header.

   另请注意，至少在我的系统上，拦截器图标不再像交通灯.

   I've just started using Postman to test an API I am integrating to.

   I have the following error that keeps showing up

   Invalid CORS request

   Note the following:

   1. The API uses Bearer token authentication(OAuth2). I have this working without a problem.
   2. I do get the bearer token successfully, assign it to an Environment variable and then attempt to use it for the RESTful operations.
   3. The problem is in the subsequent RESTful operation that uses the token.
   4. When I use an old token (through a POST operation), it rightfully tells me that it is expired and not authorized.
   5. When I then generate a new one and try to run the restful call, it gives me that Invalid CORS request error.
   6. Using cURL, I have no issues. But I am frustrated by Postman.

   What I have found so far:

   1. Using postman with Http POST requests - I don't get the part in bold

   Just in case anybody else has this same problem, here is how to solve it. Go to https://www.getpostman.com/docs/capture in your chrome browser. Click on interceptor extension and then choose add to chrome. Once it is added there is a new icon top right of both the browser and postman that looks like a traffic light. In postman click this and it turns green. Then add a header to every request going to third light. Every header consists of the header name and a value. Start typing over the header name and a list of allowed http headers comes up. Choose "Origin". In the cell for value simply type the full URL of your server. (Do not forget the 'http://' or 'https://').

   2. What is the expected response to an invalid CORS request? - Best explanation I have seen so far on CORS errors.

   The other material speaks about Access-Control-Allow-Method header, preflight requests

   ... and there is an illustrative Apache Tomcat flowchart of the CORS flow.

   解决方案

   Here's the answer you found again:

   Just in case anybody else has this same problem, here is how to solve it. Go to https://www.getpostman.com/docs/capture in your chrome browser. Click on interceptor extension and then choose add to chrome. Once it is added there is a new icon top right of both the browser and postman that looks like a traffic light. In postman click this and it turns green.

   ... With the bit in bold translated:

   Then add a header to your request. The header Key should be "Origin" and the header Value should be the full URL of your server (Do not forget the http:// or https://).

   Note that Chrome/Postman won't allow you to add a Header with a Key of Origin without the Interceptor plugin.

   Also note that at least on my system the Interceptor icon no longer looks like a traffic light.

   这篇关于邮递员解决“无效的 CORS 请求"对于 POST 请求的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！