我知道之前已经解决了这么多次 . 但我可以看到响应上已经有 Headers 上的Access-Control-Allow-Origin .
这是我的请求代码:
var req = {
method: 'POST',
url: "integration-api.domain.com/login",
headers: {
'Content-Type': 'application/x-www-form-urlencoded',
'X-AN-WebService-IdentityKey': identitykey,
'X-AN-WebService-CustomerAuthToken': customerAuth,
'X-AN-WebService-CustomerTransientToken': transientToken,
'Cache-Control': 'no-cache'
},
data: datatopass
};
console.log(datatopass);
return $http(req).then(function(response){
console.log(response);
return response.data;
}, function(err) {
console.log(err);
return err;
});
This is the request header when viewing on chrome:
接受:/ Accept-Encoding:gzip,deflate,sdch,br Accept-Language:en-US,en; q = 0.8 Access-Control-Request-Headers:x-an-webservice-identitykey Access-Control-Request-Method :POST Cache-Control:no-cache连接:keep-alive主机:integration-api.domain.com原产地:http:// OriginDomain Pragma:no-cache Referer:http:// OriginDomain / apitest / User-Agent:Mozilla /5.0(Windows NT 10.0; Win64; x64)AppleWebKit / 537.36(KHTML,与Gecko一样)Chrome / 54.0.2840.99 Safari / 537.36
Then the preflight response is:
Access-Control-Allow-Headers:x-an-webservice-identitykey,origin,content-type,x-an-webservice-customerauthtoken,x-an-webservice-deviceauthtoken,x-an-webservice-customertransienttoken,x-an -webservice-version Access-Control-Allow-Origin:*日期:2016年11月30日星期三06:56:50 GMT
服务器是否需要在响应中添加Access-Control-Allow-Method或任何其他标头,还是需要在我的代码上添加一些内容?
我正在使用angular.js调用$ http调用url
1 回答
您还需要允许方法类型
请看这个答案 . Response to preflight request doesn't pass access control check in NodeJS