Jeecms跨域 Request header field is not allowed by Access-Control-Allow-Headers in preflight response

原创 已于 2023-09-20 10:14:39 修改 · 1.2k 阅读 · 2 ·
CC 4.0 BY-SA版权
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
文章标签:

#json #http #postman #java

于 2023-03-17 10:39:17 首次发布
在基于Jeecms的二次开发中遇到前端跨域问题,具体表现为XMLHttpRequest被CORS策略阻止。错误指出请求头字段zz未被Access-Control-Allow-Headers允许。解决方案是在HeaderCorsFilter.java中添加zz到响应头,确保Jeecms框架允许该头部通过跨域请求。

摘要生成于 C知道 ,由 DeepSeek-R1 满血版支持, 前往体验 >

最近在基于Jeecms的框架进行二次开发,前后端联调简直踩坑无数,这几天遇到跨域问题若干,一个最新的前端报错:

Access to XMLHttpRequest at 'http://xx.xx.xx.xx:8083/xxx' from origin 'http://localhost:63342' has been blocked by CORS policy: Request header field zz is not allowed by Access-Control-Allow-Headers in preflight response.

这个接口,postman直接请求是正常的,前端页面请求会报网络异常,显示如上错误。后端无反馈,未进入相应接口。

其实错误已经明确指出了问题原因:Request header field is not allowed by Access-Control-Allow-Headers in preflight response 也就是说后端拦截了Headers里面的zz,需要在header跨域过滤器中重新设置,允许带zz的Header通过前端网页访问。

进入HeaderCorsFilter.java,在doFilter方法中,添加新的resp.setHeader("Access-Control-Allow-Headers","zz")

在jeecms的框架中,可以搜索Access-Control-Allow-Headers,查看其它地方的header过滤设置,例:ResponseUtils.java,照猫画虎即可。

CROS 预检请求 异常解决方法 authorization is not allowed by Access-Control-Allow-Headers in preflight response
Tekin 是深耕技术 20 年的全栈实战派专家,精通 Go/Python/Java 等多语言开发。博客专注技术原理与实战结合,深度解析 Python 高阶编程、Go 语言架构、数据库优化等硬核内容。涵盖并发编程、机器学习、云原生等前沿领域,通过真实案例拆
05-30 747
CROS 预检请求 异常解决方法 has been blocked by CORS policy: Request header field authorization is not allowed by Access-Control-Allow-Headers in preflight response.
解决:Request header field token is not allowed by Access-Control-Allow-Headers in
是日已过,命亦随减的博客
09-28 4806
在入口文件index.php中添加 header('Access-Control-Allow-Origin: *'); header('Access-Control-Allow-Methods: GET, POST, PATCH, PUT, OPTIONS, DELETE'); header('Access-Control-Allow-Headers: *'); 其他添加过的地方全部删除,否则会重复。 如果以这种方式添加则不会生效: $header['Access-Control-Allow-Origin
问题:Request header field token is not allowed by Access-Control-Allow-Headers in preflight response
小筱在线博客
05-23 5124
Access to XMLHttpRequest at 'http://xxxx' from origin 'http://yyyy has been blocked by CORS policy: Request header field token is not allowed by Access-Control-Allow-Headers in preflight response
Request header field Authorization is not allowed by Access-Control-Allow-Headers in preflig问题解决
阿牛哥的博客
10-18 3912
Request header field Authorization is not allowed by Access-Control-Allow-Headers in preflig问题解决
解决【Request header field bb is not allowed by Access-Control-Allow-Headers in preflight response.】问题
优快云wangjinwei的博客
06-06 1075
请求报头字段在响应中不被Access-Control-Allow-Headers允许,导致出现导致。设置请求头,解决问题。
Java Web 设置
qq_37377082的博客
12-03 366
设置全局过滤器 import javax.servlet.*; import javax.servlet.annotation.WebFilter; import javax.servlet.http.HttpServletResponse; import java.io.IOException; /** * 配置 * @author lijinghua */ @WebFilter(urlPatterns = {"/*"}) public class CorsFilter implements
Access to XMLHttpRequest at 'http://api.offical.ikaiyou.com/v1/accelerate/game/home_game_list' from origin 'null' has been blocked by CORS policy: Request header field sign is not allowed by Access-Control-Allow-Headers in preflight response.
最新发布
06-25
错误信息 “blocked by CORS policy: Request header field sign is not allowed by Access-Control-Allow-Headers in preflight response” 表明服务器在预检响应中没有在 `Access-Control-Allow-Headers` 头部中...
Request header field * is not allowed by Access-Control-Allow-Headers in preflight response问题解决
古柏树下的博客
06-13 3万+
问题 报错信息为:Failed to load http://localhost:8080/jfly.openapi/produce/listMachFeedingBoard/v1: Request header field Content-Type is not allowed by Access-Control-Allow-Headers in preflight response. ...
blocked by CORS policy: Request header field token is not allowed by Access-Control-Allow-Headers in
Ggome的博客
05-11 6566
原因设置没有设置token名称,将token加入请求请求头里面即可。
Request header field Content-Type is not allowed by Access-Control-Allow-Headers in preflight res
Miss Dan的博客
12-25 6444
一、问题: 请求中包含自定义header字段时,浏览器console报错。 Request header field Content-Type is not allowed by Access-Control-Allow-Headers in preflight response 二、原因: 包含自定义header字段的请求,浏览器会先向服务器发送OPTIONS请求,探测该服务器是...
Java过滤器配置类导致问题:Request header field token is not allowed by Access-Control-Allow-Headers in prefli
ELSA001的博客
03-04 2547
Java过滤器配置类导致问题:Request header field token is not allowed by Access-Control-Allow-Headers in prefli
Request header field Content-Type is not allowed by Access-Control-Allow-Headers
热门推荐
xuedapeng的博客
01-16 8万+
一、问题: 请求中包含自定义header字段时,浏览器console报错。 Request header field xfilesize is not allowed by Access-Control-Allow-Headers 二、原因: 包含自定义header字段的请求,浏览器会先向服务器发送OPTIONS请求,探测该服务器是否允许自定义的字段。 如果允许,则继
Request header field userRole is not allowed by Access-Control-Allow-Headers in preflight response.
奔跑的痕迹的博客
03-06 627
使用一个axios 遇到同事设置的请求头在我请求的接口中部被允许 最后使用transformRequest 干掉其他的key axios.get('https://www.baidu.com',{ transformRequest :[ (data, headers) => { delete heade...
Request header field storeid is not allowed by Access-Control-Allow-Headers in preflight response.
夏已微凉、
04-29 1262
一、问题二、修改 一、问题 在 header 中加入自定义字段 storeid,前端调接口,报错提示:Request header field storeid is not allowed by Access-Control-Allow-Headers in preflight response. 大概意思是: 在请求头中不允许使用字段 storeid 二、修改 //允许在header中传参数:storeid header("Access-Control-Allow-Headers: token, O.
Request header field Content-Type is not allowed by Access-Control-Allow-Headers
陈万洲的专栏
12-23 6万+
错误提示: XMLHttpRequest cannot load http://xxx.com. Request header field Content-Type is not allowed by Access-Control-Allow-Headers. 解决方案: 例如php服务端程序设置头: header('Access-Control-Allow-Origin: *...
Request header field xxxx is not allowed by Access-Control-Allow-Headers in preflight response问题
weixin_45203607的博客
06-08 4790
这是因为目标服务不允许在请求头中加 x-run-as 这个第一种,前端请时候将请求头中的 x-run-as 这个去掉第二种,后端配置中的请求头中添加这个key
Request header field token is not allowed by Access-Control-Allow-Headers in
datouniao1的博客
01-11 1万+
前后端分离项目 后端接口做了的处理 前端在header中传递了token,解决办法: @Override public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException { HttpServletResponse res = (HttpServletResponse) response; r
Request header field xxx is not allowed by Access-Control-Allow-Headers in preflight response.
m0_46401243的博客
11-26 335
用前台调第三方接口,提示 后台没有设置相同的请求头参数
Request header field * is not allowed by Access-Control-Allow-Headers in preflight response
秦学强
04-02 1万+
问题记录:请求 headers里添加自定义header时,出现以下错误错误原因   参考:https://www.cnblogs.com/cc299/p/7339583.html解决方法如下nginx  配置 add_header 'Access-Control-Allow-Headers' 添加 自定义header add_header 'Access-Control-Allow-Heade...
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值