Java 预检响应中的 Access-Control-Allow-Methods 不允许总是得到 Method DELETE
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/36374247/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Always got Method DELETE is not allowed by Access-Control-Allow-Methods in preflight response
提问by Joey Yi Zhao
I am using jersey as my restful api implementation. In the front end, I am using angularjs $http service to make http request. When I request a delete method I always got below error.
我使用 jersey 作为我的宁静 api 实现。在前端,我使用 angularjs $http 服务来发出 http 请求。当我请求删除方法时,我总是遇到以下错误。
"Method DELETE is not allowed by Access-Control-Allow-Methods in preflight response."
I read some articles and they say I need to allow delete on "Access-Control-Allow-Methods". I have setup the response filter as below but it still has such problem. What else should I do?
我读了一些文章,他们说我需要允许删除“访问控制允许方法”。我已经设置了如下的响应过滤器,但它仍然有这样的问题。我还应该做什么?
@Provider
public class CORSResponseFilter implements ContainerResponseFilter {
@Override
public void filter(ContainerRequestContext requestContext, ContainerResponseContext responseContext) throws IOException {
MultivaluedMap<String, Object> headers = responseContext.getHeaders();
headers.add("Access-Control-Allow-Origin", "*");
headers.add("Access-Control-Allow-Methods", "*");
}
}
below is my angular code to make the request:
下面是我提出请求的角度代码:
$http({
method: 'DELETE',
url: remoteUrl,
headers : {'Content-Type': 'application/x-www-form-urlencoded;charset=utf-8',
'ACCESS_TOKEN' : $cookieStore.get("access_token")
},
data : $httpParamSerializer({
'id':id
})
}).success(function(data,status,headers,config) {
$scope.refreshDepartments();
console.log(data);
alert("success");
}).error(function(data,status,headers,config){
console.log(data);
alert("error");
});
采纳答案by Joey Yi Zhao
After some testing, I found the solution. I put the allow method on the header as below, then it works. I don't know why "*" doesn't work.
经过一些测试,我找到了解决方案。我将允许方法放在标题上,如下所示,然后它就可以工作了。我不知道为什么“*”不起作用。
headers.add("Access-Control-Allow-Methods", "GET, POST, OPTIONS, PUT, DELETE");
回答by atefth
Try using the CORS extension for chrome, it helped me once.
尝试使用 chrome 的 CORS 扩展,它曾经帮助过我。
EDIT
编辑
This happens because angular adds X-Header keys in your request headers.
发生这种情况是因为 angular 在您的请求标头中添加了 X-Header 键。
X-Headers generally define or set the operating parameters for the HTTP req/res
X-Headers 一般定义或设置 HTTP req/res 的操作参数
You can fix this by modifying the Content-Type of your requests to "text/plain"or "application/x-www-form-urlencoded"or "multipart/form-data".
您可以通过将请求的 Content-Type 修改为"text/plain"或"application/x-www-form-urlencoded"或"multipart/form-data" 来解决此问题。
You can do this by using an interceptor while in your app config.
您可以通过在应用程序配置中使用拦截器来执行此操作。
EDIT
编辑
Add this to your server code -
将此添加到您的服务器代码 -
header('Access-Control-Allow-Headers: X-Requested-With');
Try changing the content-type to text/plain
尝试将内容类型更改为text/plain
Hope this helps.
希望这可以帮助。
