相关疑难解决方法(0)

Angular2:Access-Control-Allow-Headers不允许使用X-XSRF-TOKEN

我正在努力解决这个问题,因为我正在实施跨站点API调用.最糟糕的是它在我的本地环境中运行良好但是一旦在heroku上运行,它会因以下错误而失败:

XMLHttpRequest无法加载https://restcountries.eu/rest/v1/all.在预检响应中,Access-Control-Allow-Header不允许请求标头字段X-XSRF-TOKEN.

这是触发调用的函数:

  let observable = this._http
    .get(GEO_API_URL + query)
    .map(response => response.json())
    .do(val => {
      this.cache = val;
      observable = null;
    })
    .share();

  return observable;

Run Code Online (Sandbox Code Playgroud)

任何的想法？

谢谢.

xmlhttprequest heroku cors angular

kfa*_*kfa

lucky-day

10
推荐指数

2
解决办法

1万
查看次数

Backbone和Slim PHP - Access-Control-Allow-Headers - 可以获取信息,不能发布它吗？

我正在使用Backbone和Slim PHP框架.我正在尝试将信息发布到我的API,但是Access-Control-Allow-Headers一直让我遇到问题......

我的控制台显示:

    OPTIONS http://api.barholla.com/user/auth 405 (Method Not Allowed) zepto.min.js:2
XMLHttpRequest cannot load http://api.barholla.com/user/auth. Request header field Content-Type is not allowed by Access-Control-Allow-Headers.

Run Code Online (Sandbox Code Playgroud)

我的标题是:

Request URL:http://api.barholla.com/user/auth
Request Method:OPTIONS
Status Code:405 Method Not Allowed
Request Headersview source
Accept:*/*
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Access-Control-Request-Headers:origin, content-type, accept
Access-Control-Request-Method:POST
Connection:keep-alive
Host:api.barholla.com
Origin:http://localhost
Referer:http://localhost/barholla/app/
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4
Response Headersview source
Access-Control-Allow-Origin:*
Allow:POST
Connection:close
Content-Type:application/json
Date:Thu, 08 Nov 2012 16:12:32 GMT
Server:Apache
Transfer-Encoding:chunked
X-Powered-By:Slim
X-Powered-By:PleskLin

Run Code Online (Sandbox Code Playgroud)

我的slim index.php文件中的标题是: