I'm trying to make CORS request POST from domain.com to a.domain.com.

我正在尝试使 CORS 请求从 domain.com POST 到 a.domain.com。

My javascript looks like this

我的 javascript 看起来像这样

$('#fileupload').fileupload({
  xhrFields: {
    withCredentials: true
  },
  dataType: 'json',
  url: $('#fileupload').data('path'),
  singleFileUploads: true,
  add: function(e, data){
    data.submit();
  }
});

At first I see the OPTIONS route being called like so:

起初我看到 OPTIONS 路由被这样调用：

Request URL: https://a.domain.com/some/route
Request Method:OPTIONS
Status Code:200 OK

OPTIONS REQUEST:

选项请求：

Access-Control-Request-Headers:origin, content-type, accept
Access-Control-Request-Method:POST
Host:a.domain.com
Origin:http://domain.com:3000
Referer:http://domain.com:3000/home

OPTIONS RESPONSE

选项响应

Access-Control-Allow-Credentials:true
Access-Control-Allow-Methods:POST
Access-Control-Allow-Origin:http://domain.com:3000
Connection:keep-alive
Content-Length:0
Content-Type:text/html;charset=utf-8

That request comes back with a 200 like stated. On my server, I have the same route with POSTmethod and this is what I get in return after the OPTIONS

该请求返回 200，如所述。在我的服务器上，我有相同的路由POST方法，这就是我在OPTIONS

Request URL:https://a.domain.com/some/route

POST REQUEST

发布请求

Content-Type:multipart/form-data; boundary=----WebKitFormBoundaryjwr5Pk7WBcfzMdbO
Origin:http://domain.com:3000
Referer:http://domain.com:3000/home

and the POSTrequest gets canceled/fails.

并且POST请求被取消/失败。

My question is, do I need to have the access-control-allow-origin on the POST controller as well?

我的问题是，我是否还需要在 POST 控制器上设置 access-control-allow-origin ？

I have a cookie for authorization that has domain .domain.comthat cookie got sent across once in a request and it's not being sent now. Any idea why that would happen?

我有一个用于授权的 cookie，.domain.com该 cookie 的域在请求中发送一次，但现在没有发送。知道为什么会这样吗？