问题描述
const headerParameters = {
Authorization: 'Bearer ...',};
const response = await this.request({
path: `/{documentId}`.replace(`{${"documentId"}}`,encodeURIComponent(String(requestParameters.documentId))),method: 'GET',headers: headerParameters,query: queryParameters,});
服务器以 307
和以下标头响应:
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: origin,x-requested-with,accept,content-type,authorization,cookie,actor
Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS,PATCH
Access-Control-Allow-Origin: http://localhost:3000
Access-Control-Max-Age: 3628800
Cache-Control: no-cache,no-store,max-age=0,must-revalidate
Connection: keep-alive
Content-Length: 0
Date: Thu,22 Apr 2021 12:45:29 GMT
Expires: 0
Location: https://storage.googleapis.com/O992204202100001?SOME_GOOGLE_QUERY_ParaMS_FOR_SIGNED_URL
Origin: http://localhost:3000
Pragma: no-cache
Set-Cookie: JSESSIONID=m6VEjCRYukTqOGdAe1ffdrwj5CIycILI; path=/
Strict-Transport-Security: max-age=15724800; includeSubDomains
X-Content-Type-Options: nosniff
x-frame-options: DENY
x-robots-tag: noindex,nofollow always
X-XSS-Protection: 1; mode=block
客户端然后使用以下请求标头向“位置”发出 OPTIONS 预检请求:
:authority: storage.googleapis.com
:method: OPTIONS
:path: /O992204202100001?SOME_GOOGLE_QUERY_ParaMS_FOR_SIGNED_URL
:scheme: https
accept: */*
accept-encoding: gzip,deflate,br
accept-language: en-US,en;q=0.9
access-control-request-headers: authorization
access-control-request-method: GET
cache-control: no-cache
origin: null
pragma: no-cache
referer: http://localhost:3000/
sec-fetch-dest: empty
sec-fetch-mode: cors
sec-fetch-site: cross-site
user-agent: Mozilla/5.0Chrome/90.0.4430.72 Safari/537.36
我的大问题是:为什么预检请求中的“origin”标头为“null”?
我的问题是 CORS 问题,浏览器无法下载签名的 url 文件。我在存储桶上的 CORS 设置是:
[{"origin": ["*"]}]
所以我看到的唯一问题是“空”标头,这会阻止 GCS 使用正确的 CORS 标头进行响应。
为什么在跟随重定向时 fetch
将 origin
标头设置为 null
?有什么办法可以防止这种情况发生?
解决方法
暂无找到可以解决该程序问题的有效方法,小编努力寻找整理中!
如果你已经找到好的解决方法,欢迎将解决方案带上本链接一起发送给小编。
小编邮箱:dio#foxmail.com (将#修改为@)