本文介绍了错误:由于MIME类型("text/html")不匹配而被阻止(X-Content-Type-Options:nosniff)的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我正在尝试使用express和ajax在测试站点上测试一些api调用,但是如果我将js脚本分离到它自己的文件中,则会出现以下错误,
It works if I keep everything in the same html file but thats more like a bandaid to the problem. I have even set the express app.use header to "X-Content-Type-Options: nosniff" but it still doesn't work
main.html
<html>
<head>
<script
src="https://code.jquery.com/jquery-3.4.1.min.js"
integrity="sha256-CSXorXvZcTkaix6Yvo6HppcZGetbYMGWSFlBw8HfCJo="
crossorigin="anonymous">
</script>
<script src="userProfileFunctions.js" ></script>
</head>
<body>
<form>
<h4>GET REQUEST USERS PROFILE</h4>
UUID: <input id="getUserInput" type="text" name="UUID"><br>
<input id="getUserProfile" type="button" value="submit">
</form>
</body>
</html>
app.js
app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
next();
});
解决方案
This is not a very technical answer, but I was getting this same error with testing even though the production version worked. The error went away when I switched Off Enhanced Tracking Protection in Firefox (Developer Edition).
这篇关于错误:由于MIME类型("text/html")不匹配而被阻止(X-Content-Type-Options:nosniff)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!