我通过客户端浏览器向服务器发出请求,例如https://example.com/bar,但收到错误消息:
Access to XMLHttpRequest at 'https://example.com/bar/' from origin 'https://www.example.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
但是,当使用 clj-http.client 时,我得到以下标头:
{"Access-Control-Allow-Headers" "Content-Type",
"Server" "Aleph/0.4.4",
"Via" "1.1 vegur",
"Content-Type" "application/edn",
"Access-Control-Allow-Origin" "*",
"Connection" "close",
"Transfer-Encoding" "chunked",
"Access-Control-Request-Method" "GET",
"Date" "Sat, 14 Mar 2020 10:10:43 GMT",
"Vary" "Accept-Encoding"},
如果通过 clj-http.client 请求的标头中存在 Access-Control-Allow-Origin,那么为什么浏览器会说它不存在?
- - 编辑 - -
什么有效:
;; clj-http.client gives the correct response with the headers above.
(get "https://www.example.com/bar")
给出:
{:cached nil,
:request-time 456,
:repeatable? false,
:protocol-version {:name "HTTP", :major 1, :minor 1},
:streaming? true,
:http-client
#object[org.apache.http.impl.client.InternalHttpClient 0x367237a0 "org.apache.http.impl.client.InternalHttpClient@367237a0"],
:chunked? true,
:reason-phrase "OK",
:headers
{"Access-Control-Allow-Headers" "Content-Type",
"Server" "Aleph/0.4.4",
"Via" "1.1 vegur",
"Content-Type" "application/edn",
"Access-Control-Allow-Origin" "*",
"Connection" "close",
"Transfer-Encoding" "chunked",
"Access-Control-Request-Method" "GET",
"Date" "Sat, 14 Mar 2020 18:54:05 GMT",
"Vary" "Accept-Encoding"},
:orig-content-encoding nil,
:status 200,
:length -1,
:body
"({:foo \"bar\", :foo2 \"bar2\", :foo4 0, :foo3 [\"...
:trace-redirects []
}
什么不起作用
;; At the client, using cljs-http.client
(go (let [response (<! (http/get https://example.com/bar))]
(prn response)))
印刷
{:status 0, :success false, :body "", :headers {}, :trace-redirects ["https://example.com/bar" "https://example.com/bar"], :error-code :http-error, :error-text " [0]"}