跨域时post未带上cookie
是一个图片验证码登录的项目,GET的时候cookie是有携带的,但POST的时候就带不了
1.这是前端的配置:
import axios from 'axios'
axios.defaults.withCredentials = true
export default function ajax(url = '', data = {}, type = 'GET') {
return new Promise(function (resolve, reject) {
let promise;
if (type === 'GET') {
//
} else {
promise = axios.post(url, data);
}
promise
.then(response => resolve(response.data))
.catch(error => reject(error));
})
}
2.这是后端的配置(http://192.168.43.120:8080是前端的地址)
app.all("*", function (req, res, next) {
if (!req.get("Origin")) return next();
res.set("Access-Control-Allow-Credentials", "true")
res.set("Access-Control-Allow-Origin", 'http://192.168.43.120:8080' || req.headers.origin || "*");
res.set("Access-Control-Allow-Methods", "PUT,POST,GET,DELETE,OPTIONS");
res.set("Access-Control-Allow-Headers", "Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,userId,token,Access-Control-Allow-Headers");
if ("OPTIONS" === req.method) return res.sendStatus(200);
next();
});3.这是POST前OPTIONS的报文
General:
Request URL: http://127.0.0.1:4000/login_pwd
Request Method: OPTIONS
Status Code: 200 OK
Remote Address: 127.0.0.1:4000
Referrer Policy: no-referrer-when-downgrade
Response Headers:
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,userId,token,Access-Control-Allow-Headers
Access-Control-Allow-Methods: PUT,POST,GET,DELETE,OPTIONS
Access-Control-Allow-Origin: http://192.168.43.120:8080
Connection: keep-alive
Content-Length: 2
Content-Type: text/plain; charset=utf-8
Date: Fri, 20 Sep 2019 04:14:01 GMT
ETag: W/"2-nOO9QiTIwXgNtWtBJezz8kv3SLc"
X-Powered-By: Express
Request Headers:
Provisional headers are shown
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: http://192.168.43.120:8080
Referer: http://192.168.43.120:8080/login
Sec-Fetch-Mode: no-cors
User-Agent: Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Mobile Safari/537.364.这是POST的报文
General:
Request URL: http://127.0.0.1:4000/login_pwd
Request Method: POST
Status Code: 200 OK
Remote Address: 127.0.0.1:4000
Referrer Policy: no-referrer-when-downgrade
Response Headers:
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Origin, No-Cache, X-Requested-With, If-Modified-Since, Pragma, Last-Modified, Cache-Control, Expires, Content-Type, X-E4M-With,userId,token,Access-Control-Allow-Headers
Access-Control-Allow-Methods: PUT,POST,GET,DELETE,OPTIONS
Access-Control-Allow-Origin: http://192.168.43.120:8080
Connection: keep-alive
Content-Length: 37
Content-Type: application/json; charset=utf-8
Date: Fri, 20 Sep 2019 04:14:01 GMT
ETag: W/"25-HXcfghldbcD5m9V0JPm78BfRK10"
X-Powered-By: Express
Request Headers:
Provisional headers are shown
Accept: application/json, text/plain, */*
Content-Type: application/json;charset=UTF-8
Origin: http://192.168.43.120:8080
Referer: http://192.168.43.120:8080/login
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Linux; Android 5.0; SM-G900P Build/LRX21T) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.132 Mobile Safari/537.36
Request Payload:
{name: "5", pwd: "6", captcha: "ihlg"}
captcha: "ihlg"
name: "5"
pwd: "6"如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
axios 设置withCredentials: true
看起来没有任何问题,前后端都设置了允许带cookie啊