The ‘Access-Control-Allow-Origin‘ header contains multiple values‘, ‘, but only one is allowed.

最新推荐文章于 2024-04-26 17:29:42 发布

Mr_Eiffel

最新推荐文章于 2024-04-26 17:29:42 发布

阅读量855

点赞数

分类专栏： nginx 文章标签： nginx

原文链接：https://blog.csdn.net/iechenyb/article/details/84753613

版权

nginx 专栏收录该内容

7 篇文章 0 订阅

订阅专栏

https://blog.csdn.net/iechenyb/article/details/84753613
使用Ajax跨域请求资源，Nginx作为代理，出现：The ‘Access-Control-Allow-Origin’ header contains multiple values ‘*, *’, but only one is allowed 错误。

服务端允许跨域配置：

#region 设置允许跨域，允许复杂请求
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", "*");
if (HttpContext.Current.Request.HttpMethod == "OPTIONS")
{
	HttpContext.Current.Response.AddHeader("Access-Control-Allow-Methods", "GET,POST,PUT,DELETE,PATCH,OPTIONS");
	HttpContext.Current.Response.AddHeader("Access-Control-Allow-Headers", "Content-Type, Accept, Authorization");
	//HttpContext.Current.Response.AddHeader("Access-Control-Max-Age", "1728000");
	HttpContext.Current.Response.End();
}
#endregion

Nginx的配置：

add_header 'Access-Control-Allow-Origin' '*';
location / {
	if ($request_method = 'OPTIONS') {
		add_header Access-Control-Allow-Origin *;
		add_header Access-Control-Allow-Methods GET,POST,PUT,DELETE,PATCH,OPTIONS;
		return 200;
	}

	proxy_pass http://xx:8002/;
	#proxy_pass http://localhost:62249/;
}

看上面错误提示，contains multiple values “*” 意思就是设置了2次跨域，但是只有一个是允许的，移除其中的任意一个就好了。如果服务器设置了允许跨域，使用Nginx代理里面就不需要了（或者就不用使用Nginx了）

https://blog.csdn.net/xxwd12/article/details/98882461
*1、Failed to load http://xx.com/mobile/service: The ‘Access-Control-Allow-Origin’ header contains multiple values '*, ', but only one is allowed. Origin ‘http://localhost:8081’ is therefore not allowed access.

解决：

出现这问题有可能是服务器端配置了跨域选项，在代码端也指定了跨域设置导致冲突，去掉一边的配置即可

代码中配置了跨域拦截器：

public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
        response.setHeader("Access-Control-Max-Age", "3600");
        response.setHeader("Access-Control-Allow-Headers", "x-requested-with");
        response.setHeader("Access-Control-Allow-Credentials","true");
        return super.preHandle(request, response, handler);
    }

nginx配置了：

add_header Access-Control-Allow-Origin *;
  add_header Access-Control-Allow-Methods GET,POST,OPTIONS;    
  add_header Access-Control-Allow-Headers X-Requested-With;

去掉其中之一。

2、Failed to load http://xx.com/mobile/service: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘http://localhost:8081’ is therefore not allowed access.

这是跨域错误

解决：

上面两种方式选其一。

第三中方式：使用@CrossOrigin注解进行细粒度处理，@CrossOrigin可以使用在类和方法上面

其中@CrossOrigin中的2个参数：

origins ：允许可访问的域列表

maxAge：准备响应前的缓存持续的最大时间（以秒为单位）。

Mr_Eiffel

关注

0
点赞
踩
0

收藏

觉得还不错? 一键收藏
0
评论
The ‘Access-Control-Allow-Origin‘ header contains multiple values‘*, *‘, but only one is allowed.

https://blog.csdn.net/iechenyb/article/details/84753613使用Ajax跨域请求资源，Nginx作为代理，出现：The ‘Access-Control-Allow-Origin’ header contains multiple values ‘*, *’, but only one is allowed 错误。服务端允许跨域配置：#region 设置允许跨域，允许复杂请求HttpContext.Current.Response.AddHeader(
复制链接

扫一扫