代码如下,做个备忘,具体代码逻辑自行问AI去。
注:代码在生产环境慎加,有安全隐患,调试环境可用
const store = { allowHeader: [] };
app.use((req, res, next) => {
const origin = req.headers.origin;
const requestedHeaders = req.headers["access-control-request-headers"];
if (requestedHeaders) {
store.allowHeader = [
...new Set([...store.allowHeader, ...requestedHeaders.split(",")]),
];
}
res.header("Access-Control-Allow-Origin", origin);
res.header("Access-Control-Allow-Headers", store.allowHeader);
res.header("Access-Control-Allow-Methods", "PUT, POST, GET, DELETE, OPTIONS");
res.header("Access-Control-Allow-Credentials", "true");
res.header("Content-Type","application/json") //这行可不要
if (req.method === "OPTIONS") {
res.sendStatus(204);
} else {
next();
}
});