訪問控制允許來源錯誤ember.js

Question

我使用ember.js並拋出我這個錯誤：

XMLHttpRequest cannot load http://127.0.0.1:20000/accounts/0 . Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin ' http://localhost:4200 ' is therefore not allowed access.

在我的服務器端，我把代碼打印出記錄GET，POST和PUT調用。它不打印任何東西。因此，我認爲客戶端從未向服務器提出任何請求。 （但是，訪問'http://127.0.0.1:20000/accounts/0'手動確實調用了GET方法的日誌。）

服務器端已編碼爲返回Access-Control-Allow-Origin，並且它適用於其他方法。

那麼，我的問題是什麼？

，只爲記錄​​，在Java服務器端是：

responseBuilder.header("Access-Control-Allow-Origin", "http://localhost:4200"); 
responseBuilder.header("Access-Control-Allow-Headers", "origin, content-type, accept, authorization, auth-token"); 
responseBuilder.header("Access-Control-Allow-Credentials", "true"); 
responseBuilder.header("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT"); 
responseBuilder.allow("OPTIONS"); 

，並在我的ember.js配置/ environment.js我：

ENV['contentSecurityPolicy'] = { 
     'default-src': "*" 
    }; 

Answer 1

解決：

private static void setAccessControlAllowOrigin(ServletContextHandler context) { 
     FilterHolder holder = new FilterHolder(CrossOriginFilter.class); 
     holder.setInitParameter(CrossOriginFilter.ALLOWED_ORIGINS_PARAM, "*"); 
     holder.setInitParameter(CrossOriginFilter.ACCESS_CONTROL_ALLOW_ORIGIN_HEADER, "http://127.0.0.1:4200"); 
     holder.setInitParameter(CrossOriginFilter.ALLOWED_METHODS_PARAM, "GET,POST,PUT,HEAD"); 
     holder.setInitParameter(CrossOriginFilter.ALLOWED_HEADERS_PARAM, "X-Requested-With,Content-Type,Accept,Origin"); 
     holder.setName("cross-origin"); 
     FilterMapping fm = new FilterMapping(); 
     fm.setFilterName("cross-origin"); 
     fm.setPathSpec("*"); 
     context.getServletHandler().addFilter(holder, fm); 
    }