我用fetch向后台请求一个数据,后台重定向到另外一个服务器去做权限验证,现在提示
No 'Access-Control-Allow-Origin' header is present on the requested resource.
改成mode='no-cors'之后,没有这个问题了,但是无法重定向到新的页面,返回的status=0.
有谁对fetch跨域了解的吗?
https://developer.mozilla.org...
The mode read-only property of the Request interface contains the mode of the request (e.g., cors, no-cors, cors-with-forced-preflight, same-origin, or navigate.) This is used to determine if cross-origin requests lead to valid responses, and which properties of the response are readable:
same-origin — If a request is made to another origin with this mode set, the result is simply an error. You could use this to ensure that a request is always being made to your origin.
**no-cors — Prevents the method from being anything other than HEAD, GET or POST. If any ServiceWorkers intercept these requests, they may not add or override any headers except for these. In addition, JavaScript may not access any properties of the resulting Response. This ensures that ServiceWorkers do not affect the semantics of the Web and prevents security and privacy issues arising from leaking data across domains.**
cors — Allows cross-origin requests, for example to access various APIs offered by 3rd party vendors. These are expected to adhere to the CORS protocol. Only a limited set of headers are exposed in the Response, but the body is readable.
navigate — A mode for supporting navigation. The navigate value is intended to be used only by HTML navigation. A navigate request is created only while navigating between documents.设置了no-cors以后就不会发送跨域请求了,所以返回 status=0,因为请求根本没发出去.
正确的做法是
https://developer.mozilla.org...
让你们的服务器开发人员在Http Response 中添加Access-Control-Allow-Origin 头