我是新来尝试angular2。我已经安装了angular2文件上传。我复制了教程here
我完全复制开发人员在那里写的东西。但我遇到这样的问题:
XMLHttpRequest无法加载http://localhost:8080/citizen/upload。 对预检请求的响应未通过访问控制检查: 响应中“Access-Control-Allow-Credentials”标头的值 当请求的凭据模式为时,它必须为'true' '包括'。因此不允许来源“http://localhost:4200” 访问。由...发起的请求的凭据模式 XMLHttpRequest由withCredentials属性控制。
我的CORS
SpringBoot这样的过滤器
@Component
public class SimpleCorsFilter implements Filter {
@Override
public void doFilter(ServletRequest req, ServletResponse res, FilterChain chain) throws IOException, ServletException {
HttpServletResponse response = (HttpServletResponse) res;
response.setHeader("Access-Control-Allow-Origin", "http://localhost:4200");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE, PUT");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Authorization, Content-Type, Accept, enctype");
chain.doFilter(req, res);
}
在我添加angular2文件上传代码之前,它仍然可以。如何解决?
答案 0 :(得分:3)
当发生交叉原始请求时,它首先发送HTTP option以检查服务器是否允许跨源请求。如果您使用的是Spring安全性,请检查您是否允许HTTP Option无需验证。如果它在那里添加这样的过滤器
protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
httpServletResponse.addHeader("Access-Control-Allow-Origin", "http://localhost:4200");
httpServletResponse.setHeader("Access-Control-Allow-Credentials", "true");
httpServletResponse.addHeader("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT");
httpServletResponse.addHeader("Access-Control-Allow-Headers", "X-Requested-With, Content-Type, X-Codingpedia, Authorization");
httpServletResponse.addHeader("access-control-expose-headers", "Authorization");
if (!"OPTIONS".equals(httpServletRequest.getMethod())) {
filterChain.doFilter(httpServletRequest, httpServletResponse);
}
}