虽然已通过 API 网关设置 CORS 并且设置了 Access-Control-Allow-Origin 标头,但在 Chrome 中尝试从 AJAX 调用 API 时仍然收到以下错误:
XMLHttpRequest 无法加载
来自 OPTIONS 的回复:
如何在不恢复为 JSON-P 的情况下从浏览器调用我的 API?
解决方案我遇到了同样的问题.我已经用了 10 小时来找出答案.
serverless/framework/docs/providers/aws/events/apigateway/
//handler.js'使用严格';module.exports.hello = 函数(事件,上下文,回调){常量响应 = {状态代码:200,标题:{"Access-Control-Allow-Origin" : "*",//需要 CORS 支持才能工作"Access-Control-Allow-Credentials" : true//需要 cookie、HTTPS 授权标头},body: JSON.stringify({ "message": "Hello World!" })};回调(空,响应);};Although CORS has been set up through API Gateway and the Access-Control-Allow-Origin header is set, I still receive the following error when attempting to call the API from AJAX within Chrome:
XMLHttpRequest cannot load XXXXX.execute-api.us-west-2.amazonaws/beta/YYYYY. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access. The response had HTTP status code 403.
I attempted to GET the URL through Postman and it shows the above header is successfully passed:
And from the OPTIONS reponse:
How can I call my API from the browser without reverting to JSON-P?
解决方案I get the same problem. I have used 10hrs to findout.
serverless/framework/docs/providers/aws/events/apigateway/
// handler.js 'use strict'; module.exports.hello = function(event, context, callback) { const response = { statusCode: 200, headers: { "Access-Control-Allow-Origin" : "*", // Required for CORS support to work "Access-Control-Allow-Credentials" : true // Required for cookies, authorization headers with HTTPS }, body: JSON.stringify({ "message": "Hello World!" }) }; callback(null, response); };
更多推荐
API 网关 CORS:没有“Access
发布评论