Angular2 : X-XSRF-TOKEN is not allowed by Access-Control-Allow-Headers

前端 未结 5 2130
挽巷
挽巷 2021-02-13 14:30

I am struggling with this issue today as I am implementing a cross-site API call. The worst thing is it works well from my local environment but once on heroku, it fails with th

5条回答
  •  梦谈多话
    2021-02-13 14:48

    Had the same issue.
    In my case the reason was that in my Chrome cookies was saved X-XSRF-TOKEN field. And somehow Chrome added header 'Access-Control-Request-Headers: x-xsrf-token' to OPTION request. In Firefox the same page works fine, in incognito mode Chrome - too.
    So I've just delete this cookies field (X-XSRF-TOKEN) and that's all.

提交回复
热议问题