一、Tomcat8
由ionic2 撰寫 App POST 呼叫Tomcat8 Server程式時出現
No ‘Access-Control-Allow-Origin’ header is present,
雖於Chrome加上Allow-Control-Allow-Origin擴充功能,
仍出現錯誤訊息OPTIONS 405 Method Not Allowed,
經查原因
因為在跨域且嘗試添加一些特殊頭及自定義頭的情況下,
由於瀏覽器的安全機制 會加多一次OPTIONS預請求(詢問請求),
與跨域服務器協商可以設置的頭部信息,可以允許的HTTP協議等等信息。
即雖用POST,會先用OPTIONS詢問是否可使用OPTIONS,
故需在 OPTIONS 的 header 加上相關資訊,
解法可參考:https://tomcat.apache.org/tomcat-8.0-doc/config/filter.html#CORS_Filter/Introduction
<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
<init-param>
<param-name>cors.allowed.origins</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.methods</param-name>
<param-value>GET,POST,HEAD,OPTIONS,PUT</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.headers</param-name>
<param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
</init-param>
<init-param>
<param-name>cors.exposed.headers</param-name>
<param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>
</init-param>
<init-param>
<param-name>cors.support.credentials</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>cors.preflight.maxage</param-name>
<param-value>10</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>二、IIS的解法
於Web.config設定
<system.webServer>
...
<!-- No 'Access-Control-Allow-Origin' header is present on the requested resource. -->
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="*" />
<add name="Access-Control-Allow-Headers" value="Content-Type" />
<add name="Access-Control-Allow-Methods" value="GET, POST, PUT, DELETE, OPTIONS" />
</customHeaders>
</httpProtocol>
</system.webServer>
葛麗絲的分享世界 