飞行前的响应具有无效的HTTP状态代码403+;角度2+;Java Spring启动
我正在使用angular 2中的以下标题对服务器进行API GET调用。我的angular 2代码如下:飞行前的响应具有无效的HTTP状态代码403+;角度2+;Java Spring启动,spring,angular,spring-boot,preflight,Spring,Angular,Spring Boot,Preflight,我正在使用angular 2中的以下标题对服务器进行API GET调用。我的angular 2代码如下: let headers = new Headers(); headers.append('Content-Type', 'application/json'); headers.append('Authorization', `${this.publisherAccessTokenVar}`); let options = new RequestOptions({ headers: hea
let headers = new Headers();
headers.append('Content-Type', 'application/json');
headers.append('Authorization', `${this.publisherAccessTokenVar}`);
let options = new RequestOptions({ headers: headers });
return this.http.get( 'https://blahblah', options)
.retryWhen((error) => error.delay(this.appConfig.serviceCallRetryDelay))
.timeout(this.appConfig.serviceCallRetryTimeOut)
.map((response: Response) => response.json());
HttpServletResponse response = (HttpServletResponse) res;
response.setHeader("Access-Control-Allow-Origin", ((HttpServletRequest) req).getHeader("Origin"));
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Access-Control-Allow-Methods", "POST,PUT, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "Access-Control-Request-Method,Access-Control-Request-Headers,Content-Type, Accept, X-Requested-With, remember-me, Authorization, X-XSRF-TOKEN");
chain.doFilter(req, res);
我的spring boot CORS代码如下:
let headers = new Headers();
headers.append('Content-Type', 'application/json');
headers.append('Authorization', `${this.publisherAccessTokenVar}`);
let options = new RequestOptions({ headers: headers });
return this.http.get( 'https://blahblah', options)
.retryWhen((error) => error.delay(this.appConfig.serviceCallRetryDelay))
.timeout(this.appConfig.serviceCallRetryTimeOut)
.map((response: Response) => response.json());
HttpServletResponse response = (HttpServletResponse) res;
response.setHeader("Access-Control-Allow-Origin", ((HttpServletRequest) req).getHeader("Origin"));
response.setHeader("Access-Control-Allow-Credentials", "true");
response.setHeader("Access-Control-Allow-Methods", "POST,PUT, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "Access-Control-Request-Method,Access-Control-Request-Headers,Content-Type, Accept, X-Requested-With, remember-me, Authorization, X-XSRF-TOKEN");
chain.doFilter(req, res);
我遇到以下错误:
OPTIONS http://blah-blah.com/abcd/logout 403 (Forbidden)
XMLHttpRequest cannot load http://blah-blah.com/abcd/logout. Response for preflight has invalid HTTP status code 403
如何解决这个问题???您必须在控制器声明之前添加@CrossOrigin 看