没有可恢复上传的“Access-Control-Allow-Origin"标头 [英] No 'Access-Control-Allow-Origin' header with resumable upload

问题描述

我们正在通过云存储 JSON API 从我们的 App Engine 应用程序生成可恢复的上传 url，这些应用程序在移动设备和网络应用程序上使用.在 Web 应用程序中，使用 XmlHttpRequest 上传带有可恢复上传 url 的文件，我们收到以下错误:

We are generating resumable upload url through the cloud storage JSON API from our App Engine application which are used on mobile as well as a web app. In the web app, using XmlHttpRequest to upload a file with the resumable upload url we get the following error :

XMLHttpRequest 无法加载 https://www.googleapis.com/upload/storage/v1beta2/b/... 请求的资源上不存在Access-Control-Allow-Origin"标头.因此，不允许访问源https://ourapp.appspot.com".

XMLHttpRequest cannot load https://www.googleapis.com/upload/storage/v1beta2/b/... No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'https://ourapp.appspot.com' is therefore not allowed access.

在 Chrome 开发者工具中，网络日志显示第一个 OPTIONS 请求具有适当的Origin"请求标头和Access-Control-Allow-Origin"响应标头，但如所述，以下 PUT 请求失败.

In Chrome developer tools, the network log show a first OPTIONS request with the appropriate "Origin" request header and "Access-Control-Allow-Origin" response header but the following PUT request fails as mentioned.

我们存储桶上的 cors xml 如下所示:

The cors xml on our bucket looks like this:

<?xml version="1.0" encoding="UTF-8"?>
    <CorsConfig>
      <Cors>
        <Origins>
          <Origin>*</Origin>
        </Origins>
        <Methods>
          <Method>PUT</Method>
          <Method>GET</Method>
          <Method>POST</Method>
          <Method>HEAD</Method>
          <Method>DELETE</Method>
          <Method>OPTIONS</Method>
        </Methods>
        <ResponseHeaders>
          <ResponseHeader>*</ResponseHeader>
        </ResponseHeaders>
        <MaxAgeSec>1800</MaxAgeSec>
      </Cors>
    </CorsConfig>

欢迎提出任何建议.

谢谢.

推荐答案

遇到这个问题，发现这是由于来自 App Engine 的初始 POST 请求中缺少origin"标头.

Ran into this problem and discovered that it was due to a missing "origin" header in the initial POST request coming from App Engine.

我的 POST 请求包含内容长度(设置为 0)、x-upload-content-type 和来源，一切正常.

My POST request contains content-length (set to 0), x-upload-content-type, and origin and all is well.

[1]https://cloud.google.com/storage/docs/json_api/v1/how-tos/resumable-upload

这篇关于没有可恢复上传的“Access-Control-Allow-Origin"标头的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！