更新时间:2022-11-12 09:41:32
得到答案...
从您的计算机中删除了this.headers.set("Access-Control-Allow-Origin","*")前端
Removed this.headers.set("Access-Control-Allow-Origin", "*") from your frontend
和
在拦截器响应中添加到后端.
added in backend in intercepter response..
response.setHeader("Access-Control-Allow-Headers",授权,内容类型,内容范围,内容处置,Content-Description,Origin,X-Requested-With,sessionId);response.setHeader("Access-Control-Allow-Origin","*");
response.setHeader("Access-Control-Allow-Headers", "Authorization,Content-Type, Content-Range, Content-Disposition, Content-Description,Origin, X-Requested-With, sessionId"); response.setHeader("Access-Control-Allow-Origin", "*");
When you start playing around with custom request headers you will get a CORS preflight. This is a request that uses the HTTP OPTIONS verb and includes several headers, one of which being Access-Control-Request-Headers listing the headers the client wants to include in the request.
You need to reply to that CORS preflight with the appropriate CORS headers to make this work. One of which is indeed Access-Control-Allow-Headers. That header needs to contain the same values the Access-Control-Request-Headers header contained (or more).
https://fetch.spec.whatwg.org/#http-cors-protocol explains this setup in more detail.