我正试图将文件从localhost:8888上传到www.base.com。当上传开始时,我会出现以下错误
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote
resource at http://base.com/public_upload. (Reason: missing token 'x-file-name'
in CORS header 'Access-Control-Allow-Headers' from CORS preflight channel).
以下是我设置的php服务器的头响应
header('Access-Control-Allow-Origin: http://localhost:8888');
header("Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE");
header("Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept");
这是上传脚本中的请求头,该脚本在localhost:8888 托管的浏览器中运行
xhr.setRequestHeader("Content-Type", "multipart/form-data");
xhr.setRequestHeader("X-File-Name", unescape(encodeURIComponent(file.name)));
xhr.setRequestHeader("X-File-Size", file.size);
xhr.setRequestHeader("X-File-Type", file.type);
我可以错误配置哪些标头来创建这样的错误消息?
您必须将X-File-Name、X-File-Size和X-File-Type添加到标头列表中:
header("Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, X-File-Name, X-File-Size, X-File-Type");
移除Access-Control-Allow-Headers标头也应该可以。