0

Recently, I noticed my browser console is flooded with error messages like below.

Access to XMLHttpRequest at 'https://api.appcues.net/v1/accounts/45873/users/xxxxxxxxxxxxxx/taco?url=https%3A%2F%2Fxxxxxxxxxxxxxxxxxxxx' from origin 'https://sssssssssssssss' has been blocked by CORS policy: Request header field request-id is not allowed by Access-Control-Allow-Headers in preflight response.

I think it might be caused by the AppInsights libraries we added to our project recently.

I wonder if there's a way to remove the request-id header for OPTIONS request.

4

1 回答 1

0

一种可能的解决方案是您可以编写自定义中间件,然后在中间件中,您可以尝试删除请求的request-id标头。OPTIONS

但是我不确定在删除标题时是否会产生一些不良影响。因此,如果可能,您最好在 cors 规则中添加标题。

于 2021-03-29T06:46:35.357 回答