CORS请求仅受Orion Context Broker 1.10及更高版本支持.

CORS requests are only supported by Orion Context Broker version 1.10 and above.

正如@JoseManuelCantera指出的那样，您不需要在请求中添加任何CORS特定的标头，这些标头由您的客户端(浏览器，邮递员等)处理

As @JoseManuelCantera has pointed out, you do not need to add any CORS specific headers to your request, those are handled by your client (browser, Postman etc.)

您需要:

1. 将您的版本升级到1.10
2. 以CORS模式启动Orion

您可以在以下任何来源的CORS模式下启动Orion(Orion会接受来自任何来源的CORS请求):

You can start Orion in CORS mode for any origin (Orion will accept CORS requests from any origin) as below:

contextBroker -corsOrigin __ALL

请查看 Orion的CORS文档了解更多信息.

更新

请允许我简短地解释CORS 飞行前的逻辑.如果您的请求不是简单请求，则您浏览器将在之前执行飞行前请求您可以使用OPTIONS方法.如果Orion不在CORS模式下启动，您将始终得到不允许的方法作为对非简单请求的响应.

Please allow me to shortly explain CORS pre-flight logic. If your request is not a simple request, your browser will do a pre-flight request prior to yours with the OPTIONS method. If Orion is not started in CORS mode, you will always get method not allowed as a response to your non-simple requests.

那么问题是什么，为什么与不同的客户获得不同的结果?邮递员(curl等)完全按照您想要的去做，并按照您的配置发送请求.它不会检查您发送的请求是否应该预先显示.

So what is the problem, why are you getting different results with different clients? Postman (curl etc.) does exactly what you want it to do and sends the requests as you have configured. It does not check if the request you are sending should be pre-flighted or not.

另一方面，您的浏览器会检查您的请求，并在必要时进行飞行前检查.除了修改请求之外，您无权控制.

On the other hand, your browser does check your request and do a pre-flight if necessary. You have no control over this other than modifying your request.

您正在使用的Javascript框架可能正在向请求添加标头，使其成为非简单"请求.例如:X-Requested-With.请参阅此问题.

The Javascript framework you are working with is probably adding a header to the request rendering it a "non-simple" request. For example: X-Requested-With. Please see this question.

我的建议是查看浏览器发送的请求的详细信息(标头，方法等)，看看是什么使它成为非简单的请求.然后对您的js代码进行必要的更改，以确保您的请求属于简单请求的范围.

My suggestion is to take a look at the details of the request your browser sends (headers, methods etc.) and see what makes it a non-simple request. Then do the necessary changes on your js code to make sure your request falls within the scope of simple requests.

话虽如此，您最终将需要升级Orion版本，因为例如，从不请求将在通过浏览器发送时被视为简单请求.

Having said that, you will need to upgrade your Orion version eventually since for example, a DELETE request is never going to be treated as a simple request when sent over a browser.