xhr.js:108 Refused to set unsafe header "Cookie"

 

https://stackoverflow.com/questions/7210507/ajax-post-error-refused-to-set-unsafe-header-connection/7210840ajax

 

Remove these two lines:post

xmlHttp.setRequestHeader("Content-length", params.length); xmlHttp.setRequestHeader("Connection", "close");

XMLHttpRequest isn't allowed to set these headers, they are being set automatically by the browser. The reason is that by manipulating these headers you might be able to trick the server into accepting a second request through the same connection, one that wouldn't go through the usual security checks - that would be a security vulnerability in the browser.spa

 

// request interceptor
service.interceptors.request.use(
    config => {
        // do something before request is sent
        // console.log(store.getters.token)
        config.headers['Access-Control-Allow-Origin'] = '*'
        config.headers['cache-control'] = 'max-age=1,s-maxage=1'
        config.headers['Cookie'] = 'noBy-interceptors.request'
相關文章
相關標籤/搜索