发表新帖
发表新帖

Request header field Access-Control-Allow-Headers is not allowed by Access-Control-Allow-Headers

后端 未结
关注
15 1275
爱一瞬间的悲伤
爱一瞬间的悲伤 2020-11-22 16:31

I\'m trying to send files to my server with a post request, but when it sends it causes the error:

Request header field Content-Type is not allowed by

相关标签:
15条回答
  • 日久生厌
    2020-11-22 16:40

    In Asp Net Core, to quickly get it working for development; in Startup.cs, Configure method add

    app.UseCors(options => options.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader());
    0 讨论(0)
  • 抹茶落季
    2020-11-22 16:41

    if you testing some javascript requests for ionic2 or angularjs 2 , in your chrome on pc or mac , then be sure that you install CORS plugin for chrome browser to allow cross origin .

    mayba get requests will work without needing that , but post and puts and delete will need you to install cors plugin for testing to go without problems , that definitley not cool , but i do not know how people do it without CORS plugin .

    and also be sure the json response is not returning 400 by some json status

    0 讨论(0)
  • 谎友^
    2020-11-22 16:46

    In my case, I'm receiving several parameters as @HeaderParam into a web service method.

    These parameters MUST be declared in your CORS filter that way:

    @Provider
public class CORSFilter implements ContainerResponseFilter {

    @Override
    public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException {

        MultivaluedMap<String, Object> headers = responseContext.getHeaders();

        headers.add("Access-Control-Allow-Origin", "*");
        ...
        headers.add("Access-Control-Allow-Headers", 
        /*
         * name of the @HeaderParam("name") must be declared here (raw String):
         */
        "name", ...);
        headers.add("Access-Control-Allow-Credentials", "true");
        headers.add("Access-Control-Allow-Methods", "GET, POST, PUT, DELETE, OPTIONS, HEAD");   
    }
}
    0 讨论(0)
  • 失恋的感觉
    2020-11-22 16:47

    For me, Added the following to my server's web.config file:

    <system.webServer>
    <httpProtocol>
        <customHeaders>
            <add name="Access-Control-Allow-Origin" value="https://other.domain.com" />
            <add name="Access-Control-Allow-Methods" value="GET,POST,OPTIONS,PUT,DELETE" />
            <add name="Access-Control-Allow-Headers" value="Content-Type,X-Requested-With" />
        </customHeaders>
    </httpProtocol>
<system.webServer>
    0 讨论(0)
  • 醉酒成梦
    2020-11-22 16:52

    If anyone experiences this problem with an express server, add the following middleware 

    app.use(function(req, res, next) {
  res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
  next();
});
    0 讨论(0)
  • 小蘑菇
    2020-11-22 16:56

    The server (that the POST request is sent to) needs to include the Access-Control-Allow-Headers header (etc) in its response. Putting them in your request from the client has no effect.

    This is because it is up to the server to specify that it accepts cross-origin requests (and that it permits the Content-Type request header, and so on) – the client cannot decide for itself that a given server should allow CORS.

    0 讨论(0)
 看不清?
提交回复
热议问题