随机获取不存在“Access-Control-Allow-Origin”标头
随机获取不存在“Access-Control-Allow-Origin”标头
提问于 2020-07-02 23:29:47
我用EXPRESS.js搭建了一台CDN服务器,放在子域上,用cors包打开CORS
var app = express();
app.use(cors({
methods: "GET,HEAD,PUT,PATCH,POST,DELETE,OPTIONS",
}));
function shouldCompress (req, res) {
if (req.headers['x-no-compression']) return false
return compression.filter(req, res)
}
app.use(compression({filter: shouldCompress}))
app.use(requestIp.mw());
app.use(helmet());
app.use(bodyParser.urlencoded({limit: '5mb', extended: false}));
app.use(bodyParser.json({limit: '5mb'}));
app.use(bodyParser.text({type: 'text/plain',limit: '5mb'}));
app.use(cookieParser());但有时,由于CORS策略,我的网站无法正确加载。
我用https://www.test-cors.org和GET和OPTIONS测试了这些链接。一切都很好。
Access to XMLHttpRequest at 'https://cdn.boghrat.com//adm/notif.html' from origin 'https://boghrat.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
回答 1
Stack Overflow用户
发布于 2020-07-08 17:19:21
使用这个
app.use(function (req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header(
"Access-Control-Allow-Methods",
"GET,HEAD,PUT,POST,OPTIONS,UPDATE,DELETE"
);
res.header(
"Access-Control-Allow-Headers",
"Origin, X-Requested-With, Content-Type, Accept, Authorization, token"
);
next();
});页面原文内容由Stack Overflow提供。腾讯云小微IT领域专用引擎提供翻译支持
原文链接:
https://stackoverflow.com/questions/62699900
复制相关文章
相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号