![]() Additional Library Versions: Vue 2.6. For example, if Site1 is trying to fetch content from Site2, the Site2 can send an Access-Control-Allow-Origin response header to.This is happening because of the CORS (Cross Origin Resource Sharing). ![]() ![]() t_header("Access-Control-Allow-Methods", "GET,HEAD,OPTIONS,POST,PUT") Dealing with Access-Control-Allow-Origin header. In requests with credentials, it is treated as the literal method name ' ' without special semantics. The value ' ' only counts as a special wildcard value for requests without credentials (requests without HTTP cookies or HTTP authentication information). t_header('Access-Control-Allow-Credentials', 'true') A comma-delimited list of the allowed HTTP request methods. t_header('Access-Control-Allow-Origin', ' t_header('Access-Control-Allow-Headers', 'Host, Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-XSRF-TOKEN, Origin, Access-Control-Request-Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Access-Control-Allow-Origin, access-control-allow-origin, Access-Control-Allow-Credentials, access-control-allow-credentials, Access-Control-Allow-Headers, access-control-allow-headers, Access-Control-Allow-Methods, access-control-allow-methods') Therefore we recommend checking the value of the Origin header from the request and reflecting it in the Access-Control-Allow-Origin header in the response. For anyone taking this approach, if you want it to support 'non simple' cors requests (ones that require 'preflight' permission) you will want to implement a doOPTIONS method which returns a 204 response with the following headers: 'Access-Control-Allow-Origin', 'Access-Control-Allow-Methods' and 'Access-Control-Allow-Headers'.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |