Access-Control-Allow-Origin: http://xxxxxxxxxxxxxx // 设置允许请求的域名,多个域名以逗号分隔
Access-Control-Max-Age:1800 // 表示隔30分钟才发起预检请求,发送两次请求
Access-Control-Allow-Methods:GET, POST, PUT, DELETE, OPTIONS // 设置允许请求的方法,多个方法以逗号分隔
Access-Control-Allow-Headers: Authorization // 设置允许请求自定义的请求头字段,多个字段以逗号分隔
Access-Control-Allow-Credentials: true // 设置是否允许发送 Cookies
Web.config配置(前端VueJS)
<system.webServer>
<httpProtocol>
<customHeaders>
<add name="Access-Control-Allow-Origin" value="http://xxxxx" />
<add name="Access-Control-Max-Age" value="1800" />
<add name="Access-Control-Allow-Methods" value="*" />
<add name="Access-Control-Allow-Headers" value="Origin, X-Requested-With, Content-Type, Accept" />
<add name="Access-Control-Allow-Credentials" value="true" />
</customHeaders>
</httpProtocol>
</system.webServer>