has been blocked by CORS policy: Request header field authorization is not allowed by Access-Control

時間 2019-12-09

標籤 blocked cors policy request header field authorization allowed access control 简体版

原文原文鏈接

http://www.javashuo.com/article/p-xcprhdot-gt.htmlhtml

// TODO 支持跨域訪問
        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Credentials", "true");
        response.setHeader("Access-Control-Allow-Methods", "*");
        response.setHeader("Access-Control-Allow-Headers", "Content-Type,Access-Token");
        response.setHeader("Access-Control-Expose-Headers", "*");

        if (request.getMethod().equals("OPTIONS")) {
            HttpUtil.setResponse(response, HttpStatus.OK.value(), null);
            return;
        }

相關標籤/搜索

每日一句

每一个你不满意的现在，都有一个你没有努力的曾经。