我遇到了一个我无法解决的问题。
我有一些 js (jquery) POST soap (over PHP) 请求代码在 Apache 上工作,并启用了 Cors 来调用 HTTPS,它运行良好。
我已经迁移到 IIS7,设置响应标头:
Access-Control-Allow-Origin = *
Access-Control-Allow-Methods = POST`
现在在发送时很奇怪
Content-Type: text/xml;
它被拒绝,但是在发送默认值时
application/x-www-form-urlencoded
奇怪的是,我得到了响应(当然是来自 Soap 服务器的错误响应,但仍然意味着 Cors 可以为此工作)。
所以问题是,是否在 iis 标头中设置了其他内容?我试图找到一天的答案,但没有运气。我的猜测是它是关于Access-Control-Allow-Headers但我仍然找不到一个有效的例子。
您需要设置以下标头:
Access-Control-Allow-Headers: Content-Type
You may also have to put other headers in that list. The best way to figure out which headers to add is to inspect the Access-Control-Request-Headers header on the request, and see what values its asking for, and then echo those values in the response above.
The reason Content-Type needs to be included in this header is because you are asking for a non-standard value ('application/x-www-form-urlencoded' is a standard value).