Cross-Origin Request Blocked with CORS headers pre

2019-07-17 16:32发布

on the server side I have the following filter in apache which allow all methods and all origins by defaults

<filter>
  <filter-name>CorsFilter</filter-name>
  <filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
</filter>
<filter-mapping>
  <filter-name>CorsFilter</filter-name>
  <url-pattern>/*</url-pattern>
</filter-mapping>

Using angular $http One post is working, but another fail failed. The request that fails talks to another app on the same apache.

Cross-Origin Request Blocked: The Same Origin Policy disallows 
reading the remote resource at http://localhost:.. 
(Reason: CORS header 'Access-Control-Allow-Origin' 
does not match 'http://localhost:8100, http://localhost:8100').

But the response header does contain the ACAO

HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
access-control-allow-credentials: true, true
access-control-allow-origin: http://localhost:8100, http://localhost:8100
Vary: Origin
Content-Type: application/json;charset=UTF-8
Transfer-Encoding: chunked
Date: Thu, 22 Oct 2015 04:35:29 GMT

Where did the ' http://localhost:8100, http://localhost:8100' come from ? Do you think it is angular $http or Apache problem ?

1条回答
对你真心纯属浪费
2楼-- · 2019-07-17 17:11

Access-Control-Allow-Origin accepts either '*' or a single origin for its value. You can't put a comma-separated list there.

The browser is matching the origin (http://localhost:8100 against http://localhost:8100, http://localhost:8100 and not getting a match.

You have a similar problem on the line before. It looks like you are running the code to insert your CORS headers twice.

查看更多
登录 后发表回答