我正在使用角度为2的以下标题对服务器进行API GET调用。我的角度2代码如下:
let headers = new Headers();
headers.append('Content-Type', 'application/json');
headers.append('Authorization', `${this.publisherAccessTokenVar}`);
let options = new RequestOptions({ headers: headers });
return this.http.get( 'https://blahblah', options)
.retryWhen((error) => error.delay(this.appConfig.serviceCallRetryDelay))
.timeout(this.appConfig.serviceCallRetryTimeOut)
.map((response: Response) => response.json());
我的春季启动CORS代码如下:
HttpServletResponse response = (HttpServletResponse) res;
response.setHeader("Access-Control-Allow-Origin", ((HttpServletRequest) req).getHeader("Origin"));
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Access-Control-Allow-Methods", "POST,PUT, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "Access-Control-Request-Method,Access-Control-Request-Headers,Content-Type, Accept, X-Requested-With, remember-me, Authorization, X-XSRF-TOKEN");
chain.doFilter(req, res);
我收到以下错误:
OPTIONS http://blah-blah.com/abcd/logout 403 (Forbidden)
XMLHttpRequest cannot load http://blah-blah.com/abcd/logout. Response for preflight has invalid HTTP status code 403
如何解决这个问题?
答案 0 :(得分:2)
您必须在控制器声明之前添加@CrossOrigin。