cors方法修补程序未在访问控制允许方法中显示

4c8rllxm  于 2021-06-29  发布在  Java
关注(0)|答案(1)|浏览(403)

我在一个angular 9应用程序和使用angular httpclient发送补丁需要。但由于飞行前请求未通过,请求总是失败。我知道我可以添加一些关于allow方法的设置,我确实添加了,但仍然不起作用,似乎我的设置对angular httpclient不起作用。我在这个问题上坚持了很长时间,请给我一些建议。服务器是tomcat7(7.0.106),restapi是jersery,下面是web.xml中设置的一部分

<filter>
        <filter-name>CorsFilter</filter-name>
        <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
        <init-param>
            <param-name>cors.allowed.origins</param-name>
            <param-value>*</param-value>
        </init-param>
        <init-param>
            <param-name>cors.allowed.headers</param-name>
            <param-value>Authorization,Content-Type,X-Requested-With,Origin,Accept,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
        </init-param>
        <init-param>
            <param-name>cors.allowed.methods</param-name>
            <param-value>GET, POST, PUT, DELETE, OPTIONS, HEAD, PATCH</param-value>
        </init-param>
    </filter>

下面是chrome中的angular httpclient(失败的一个)的请求细节


**General**

Request URL: http://localhost:8080/api/v1/user/testPatch
Request Method: OPTIONS
Status Code: 200 OK
Remote Address: [::1]:8080
Referrer Policy: strict-origin-when-cross-origin

**Request Header**

...
Accept: */*
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: PATCH
Cache-Control: no-cache
Connection: keep-alive
Host: localhost:8080
Origin: http://localhost:4200
Pragma: no-cache
Referer: http://localhost:4200/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
...

**Response Header**

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Authorization,Content-Type,X-Requested-With,Origin,Accept,Access-Control-Request-Method,Access-Control-Request-Headers
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, PUT, POST, DELETE, HEAD, OPTIONS
Access-Control-Allow-Origin: http://localhost:4200
Allow: OPTIONS,PATCH
Content-Length: 803
Content-Type: application/vnd.sun.wadl+xml
Server: HTTP Server
...

如您所见,patch方法不在“access control allow methods”中,但是我已经在web.xml中设置了它,我不知道我缺少了什么。顺便说一句,我可以通过postman成功地调用相同的api,响应中的“access control allow methods”设置与我在web.xml中设置的完全相同

58wvjzkj

58wvjzkj1#

我终于找到了问题所在,但首先感谢@andrei和@paul samsotha的回复。这个问题的原因是我使用了一个chrome cors插件,该插件将为cors请求提供allow方法,alllow方法的默认值是not include“patch”。

相关问题