egg Origin request header and Access-Control-Allow-Origin

bq3bfh9z  于 2023-03-19  发布在  其他
关注(0)|答案(1)|浏览(282)

According to https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin#Examples
Limiting the possible Access-Control-Allow-Origin values to a set of allowed origins requires code on the server side to check the value of the Origin request header, compare that to a list of allowed origins, and then if the Origin value is in the list, to set the Access-Control-Allow-Origin value to the same value as the Origin value.

But https://github.com/eggjs/egg-cors just set Access-Control-Allow-Origin and don't compare Origin header

egg

1条答案

按热度按时间
jbose2ul

jbose2ul1#

@sm2017 according to the egg-cors's doc , you should introduce and config egg-security to achieve the requirement.
Beside, the origin option support function type:
1.

  1. https://github.com/koajs/cors/blob/71c4d00b170f52fd1324e9fd028816408867f8a6/index.js#L56
赞(0)分享  回复(0)举报  2023-03-19
我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备13028337号-1 大数据知识库 https://www.saoniuhuo.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com