1、配置允许跨域请求

Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"

一定要加always;
Max-Age设的是OPTIONS请求的缓存时间,单位秒

2、有些被代理服务器在请求OPTIONS时会返回403,建议代理服务器配置所有OPTIONS都返回200

RewriteEngine On
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [R=200,L]

所有OPTIONS请求都返回200,应视服务器使用情况而定

https://benjaminhorn.io/code/setting-cors-cross-origin-resource-sharing-on-apache-with-correct-response-headers-allowing-everything-through/

05-18 05:26