更新时间:2022-05-20 22:38:08
当您开始使用自定义请求标头时,您将获得 CORS 预检.这是一个使用 HTTP OPTIONS
动词并包含多个标头的请求,其中一个是 Access-Control-Request-Headers
列出客户端想要包含在请求.
When you start playing around with custom request headers you will get a CORS preflight. This is a request that uses the HTTP OPTIONS
verb and includes several headers, one of which being Access-Control-Request-Headers
listing the headers the client wants to include in the request.
您需要使用适当的 CORS 标头回复该 CORS 预检以使其正常工作.其中之一确实是 Access-Control-Allow-Headers
.该标头需要包含与 Access-Control-Request-Headers
标头包含(或更多)相同的值.
You need to reply to that CORS preflight with the appropriate CORS headers to make this work. One of which is indeed Access-Control-Allow-Headers
. That header needs to contain the same values the Access-Control-Request-Headers
header contained (or more).