https://blog.csdn.net/iechenyb/article/details/84753613
使用Ajax跨域请求资源,Nginx作为代理,出现:The ‘Access-Control-Allow-Origin’ header contains multiple values ‘*, *’, but only one is allowed 错误。
服务端允许跨域配置:
#region 设置允许跨域,允许复杂请求
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Origin", "*");
if (HttpContext.Current.Request.HttpMethod == "OPTIONS")
{
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Methods", "GET,POST,PUT,DELETE,PATCH,OPTIONS");
HttpContext.Current.Response.AddHeader("Access-Control-Allow-Headers", "Content-Type, Accept, Authorization");
//HttpContext.Current.Response.AddHeader("Access-Control-Max-Age", "1728000");
HttpContext.Current.Response.End();
}
#endregion
Nginx的配置:
add_header 'Access-Control-Allow-Origin' '*';
location / {
if ($request_method = 'OPTIONS') {
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Methods GET,POST,PUT,DELETE,PATCH,OPTIONS;
return 200;
}
proxy_pass http://xx:8002/;
#proxy_pass http://localhost:62249/;
}
看上面错误提示,contains multiple values “*” 意思就是设置了2次跨域,但是只有一个是允许的,移除其中的任意一个就好了。如果服务器设置了允许跨域,使用Nginx代理里面就不需要了(或者就不用使用Nginx了)
https://blog.csdn.net/xxwd12/article/details/98882461
*1、Failed to load http://xx.com/mobile/service: The ‘Access-Control-Allow-Origin’ header contains multiple values '*, ', but only one is allowed. Origin ‘http://localhost:8081’ is therefore not allowed access.
解决:
出现这问题有可能是服务器端配置了跨域选项,在代码端也指定了跨域设置导致冲突,去掉一边的配置即可
代码中配置了跨域拦截器:
public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
response.setHeader("Access-Control-Allow-Origin", "*");
response.setHeader("Access-Control-Allow-Methods", "POST, GET, OPTIONS, DELETE");
response.setHeader("Access-Control-Max-Age", "3600");
response.setHeader("Access-Control-Allow-Headers", "x-requested-with");
response.setHeader("Access-Control-Allow-Credentials","true");
return super.preHandle(request, response, handler);
}
nginx配置了:
add_header Access-Control-Allow-Origin *;
add_header Access-Control-Allow-Methods GET,POST,OPTIONS;
add_header Access-Control-Allow-Headers X-Requested-With;
去掉其中之一。
2、Failed to load http://xx.com/mobile/service: No ‘Access-Control-Allow-Origin’ header is present on the requested resource. Origin ‘http://localhost:8081’ is therefore not allowed access.
这是跨域错误
解决:
上面两种方式选其一。
第三中方式:使用@CrossOrigin注解进行细粒度处理,@CrossOrigin可以使用在类和方法上面
其中@CrossOrigin中的2个参数:
origins : 允许可访问的域列表
maxAge:准备响应前的缓存持续的最大时间(以秒为单位)。