当POSTMAN工作时，角度POST交叉原点错误 [英] Angular POST cross origin error while POSTMAN works

问题描述

我尝试从我的角度登录服务POST：

  $ http.post（'https：// xyz / login '，
 {
 header：{
'Content-type'：'application / json'，
'Accept'：'application / json'，
'signature '：'asd'
} 
  

我得到这个错误：

XMLHttpRequest无法加载https：// xyz / login。对预检请求的响应不通过访问控制检查：否Access-Control-因此不允许访问原始'http：// localhost：1337'


我试过这个头文件：

  $ httpProvider.defaults.useXDomain = true; 
 delete $ httpProvider .defaults.headers.common ['X-Requested-With']; 
  

/ p>

 Access-Control-Allow-Origin：*; 
Access-Control-Allow-Headers ：X-Requested-With; 
Access-Control-Allow-Methods：GET，POST，PUT，DELETE; 
  

有趣的是，POSTMAN工作。

解决方案

您的请求包含非简单标头内容类型和签名，必须包含在回应的 Access-Control-Allow-Headers 标题。

（ Content- type 应用程序/ json 不是这些值之一，它会导致 Content-type 变为非简单。）

添加内容类型到<$ c $

POSTMAN不受同源策略的约束，因此它在您的服务器的预检响应中包含一个允许访问控制 - 允许头不需要服务器的CORS支持。

I try to POST from my angular login service:

$http.post('https://xyz/login',
            {
                headers: {
                    'Content-type': 'application/json',
                    'Accept': 'application/json',
                    'signature': 'asd'
                }

And I get this error:

XMLHttpRequest cannot load https://xyz/login. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:1337' is therefore not allowed access.

I tried this headers:

$httpProvider.defaults.useXDomain = true;
delete $httpProvider.defaults.headers.common['X-Requested-With'];

And also these:

"Access-Control-Allow-Origin": "*";
"Access-Control-Allow-Headers": "X-Requested-With";
"Access-Control-Allow-Methods": "GET, POST", "PUT", "DELETE";

The interesting thing, is that the POSTMAN works. What shoud I have to do?

Thanks.

解决方案

Your request includes non-simple headers Content-type and signature which must be included in the response's Access-Control-Allow-Headers header.

(Content-type is sometimes a simple header, but only for particular values. application/json is not one of those values, and it causes Content-type to become non-simple.)

Add Content-type to Access-Control-Allow-Headers in your server's preflight response.

POSTMAN is not bound by the same-origin policy, so it does not require CORS support from the server.

这篇关于当POSTMAN工作时，角度POST交叉原点错误的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！