发布约会/预订 - CORS 政策问题

我尝试发布一本包含预订数据的字典。但是 chrome 记录了这个错误:Access to XMLHttpRequest at 'http://localhost:8080/reservations' from origin 'http://localhost:4200' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.


这很奇怪,因为我可以发布图像、视频、html 内容,因为我@CrossOrigin在控制器上方放置了注释。但是对于这个特定的帖子请求,它似乎不起作用。


休息控制器:


@CrossOrigin(origins="http://localhost:4200",

        maxAge=2000,allowedHeaders="header1,header2",

        exposedHeaders="header1",allowCredentials= "false")

@RestController

public class ReservationsController {


    private ReservationDao dao;


    @Autowired

    public ReservationsController(ReservationDao dao) {

        this.dao = dao;

    }


    @PostMapping("/reservations")

    public Map<String, String> bookReservation(@RequestBody Map<String, String> reservation) {

        System.out.println(reservation);

        return null;

    }

}

angular api bookReservation方法:


 bookReservation(data) {

    console.log(data);

    const result = this.http.post(this.apiUrl + 'reservations', data).subscribe(

      (val) => {

        console.log('POST call succesful value returned in body',

          val);

      },

      response => {

        console.log('POST call in error', response);

      },

      () => {

        console.log('The POST observable is now completed');

      });

    console.log(result);

  }


潇湘沐
浏览 82回答 1
1回答

jeck猫

如果您只设置 allowedHeaders,您将允许此参数,如果它收到其他参数,它永远不会发送交叉原始标头,chrome 将抛出错误。如果不需要,则应删除 allowedHeaders、exposedHeaders 和 allowCredentials。
打开App,查看更多内容
随时随地看视频慕课网APP

相关分类

Java