关于跨域问题的处理Access-Control-Allow-Headers涉及到UA

image

Access to XMLHttpRequest at ‘http://api.XXXXXXXXXXX.com/v1/gethome?homeid=1&sign=473f963206afab4c3f0ea4340cb02c91′ from origin ‘http://m.XXXXXXXXXXXXX.com’ has been blocked by CORS policy: Request header field clientflag is not allowed by Access-Control-Allow-Headers in preflight response.

在NGINX内增加如下配置:

 add_header Access-Control-Allow-Origin '*'; # 根据自己实际情况改变域范围
add_header Access-Control-Allow-Credentials 'true';
add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS';

add_header Access-Control-Allow-Headers 'Origin,Access-Control-Request-Headers,Access-Control-Allow-Headers,DNT,X-Requested-With,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept,Connection,Cook ie,X-XSRF-TOKEN,X-CSRF-TOKEN,Authorization';

在上面的处理基础上又出现信息的问题涉及到UA

Request header field ua is not allowed by Access-Control-Allow-Headers in preflight response.

根据提示信息定位到 http-equiv=”X-UA-Compatible”

解决方式:在Access-Control-Allow-Headers内增加

 CLIENTFLAG,UA

- THE END -
版权声明:
转载原创文章请注明,文章出处://kinggoo.com
原文地址:https://kinggoo.com/nginx-add_header-cross-origin.htm

评论关闭。