The 'Access-Control-Allow-Origin' header contains multiple values', ', but only one is allowed.

转自 https://blog.csdn.net/xxwd12/article/details/98882461

1、Failed to load http://xx.com/mobile/service: The 'Access-Control-Allow-Origin' header contains multiple values '*, *', but only one is allowed. Origin 'http://localhost:8081' is therefore not allowed access.

解决：

出现这问题有可能是服务器端配置了跨域选项，在代码端也指定了跨域设置导致冲突，去掉一边的配置即可

代码中配置了跨域拦截器：

public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
        response.setHeader("Access-Control-Max-Age", "3600");
        response.setHeader("Access-Control-Allow-Headers", "x-requested-with");
        response.setHeader("Access-Control-Allow-Credentials","true");
        return super.preHandle(request, response, handler);
    }

nginx配置了：

  add_header Access-Control-Allow-Origin *;
  add_header Access-Control-Allow-Methods GET,POST,OPTIONS;    
  add_header Access-Control-Allow-Headers X-Requested-With;

去掉其中之一。

2、Failed to load http://xx.com/mobile/service: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8081' is therefore not allowed access.
这是跨域错误

解决：

上面两种方式选其一。

第三中方式：使用@CrossOrigin注解进行细粒度处理，@CrossOrigin可以使用在类和方法上面

其中@CrossOrigin中的2个参数：

origins ：允许可访问的域列表

maxAge：准备响应前的缓存持续的最大时间（以秒为单位）。

posted @ 2019-09-24 08:52 猪脚踏浪阅读(27006) 评论(1) 编辑收藏举报

刷新页面返回顶部

猪脚踏浪

The 'Access-Control-Allow-Origin' header contains multiple values'*, *', but only one is allowed.

公告

The 'Access-Control-Allow-Origin' header contains multiple values', ', but only one is allowed.