本文是小编为大家收集整理的关于如何修复iOS 12 Safari CORS前飞行错误?的处理/解决方法,可以参考本文帮助大家快速定位并解决问题,中文翻译不准确的可切换到English标签页查看源文。
问题描述
我试图更好地理解CORS,因为我们的Web应用程序的几个用户正在抱怨,因为他们升级到iOS 12,他们正在收到前飞行错误.
Web检查员的错误
[Error] Preflight response is not successful [Error] Fetch API cannot load https://www.api.com due to access control checks. [Error] Failed to load resource: Preflight response is not successful (v4, line 0)
客户端应用程序是带有Apollo的React应用程序.它使用Apache HTTPD和Express JS来调用HTTPS的服务器.
所有其他浏览器都可以正常工作,这与iOS 12隔离.
当我浏览HTTPD访问日志时,什么是奇怪的,我看不到任何前通话.当我尝试直接击中服务器时(在iOS 12上)时,我会看到前飞行选项请求并在日志中发布.但是,当通过Web应用程序调用服务器时,CORS前飞行失败.
在Express App中,我还记录了所有请求,并且也没有出现.
在httpd中,我有
的设置Header set Access-Control-Allow-Origin "*" Header set Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS
在Express我有同样的事情.
有什么想法吗?!
推荐答案
它是iosv12中的一个错误,但是它已经在iosv12.1 beta(16B5059D)中固定,假设当前的beta代码将其用于生产.
问题是IOSV12 WebKit Preflight选项调用不会离开设备.我已经运行Wireshark和IOSV12模拟器来确认这一点.
其他推荐答案
如果它说"访问控制者"中的标题不允许,则可以通过从服务器端添加特定的标头来修复它,您可以在其中发送" access-control-allow-alleaders".因为通配符不起作用 即"访问控制 - 允许头":"*"
应该是 "访问控制者 - 允许头":"*,接受,内容类型,内容长度,接受编码,定制标题"
其他推荐答案
对于遇到此问题的任何人,问题是ios12不喜欢<add name="Access-Control-Allow-Headers" value="*" />当您有任何自定义标头时.这是在一个从未将其制成正式版本的测试版中修复的.
解决方案是单独指定每个自定义标头,例如:<add name="Access-Control-Allow-Headers" value="*,customheader1,customheader2" />
问题描述
I am trying to understand CORs a little better as several users of our web app are complaining since they upgraded to iOS 12 they are receiving preflight errors.
The errors from the web inspector
[Error] Preflight response is not successful [Error] Fetch API cannot load https://www.api.com due to access control checks. [Error] Failed to load resource: Preflight response is not successful (v4, line 0)
The client app is a React app with Apollo. It calls a server over HTTPS with Apache HTTPD and Express JS.
Everything works fine on all other browsers, this is isolated to iOS 12.
Whats weird is when I look through the HTTPD access logs, I can't see any preflight calls. When I try hit the server directly (on iOS 12), I see both the preflight OPTIONS request and POST in the logs. But when calling the server through the web app, the CORs preflight fails.
In the express app, I also logged out all requests, and it doesn't appear there either.
In HTTPD I have the settings of
Header set Access-Control-Allow-Origin "*" Header set Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS
In express I have the same thing.
Any ideas?!
推荐答案
It's a bug in iOSv12, but it's already fixed in iOSv12.1 beta (16B5059d), assuming the current beta code makes it into production.
The problem is that iOSv12 WebKit preflight OPTIONS calls don't leave the device. I've run WireShark and the iOSv12 simulator to confirm this.
其他推荐答案
If it says Header not allowed in "Access-Control-Allow-Headers", You can fix it by adding the specific Header from the server side, where you send "Access-Control-Allow-Headers". because wildcard is not working i.e “Access-Control-Allow-Headers”: “*"
It should be “Access-Control-Allow-Headers”: “*, Accept, Content-Type, Content-Length, Accept-Encoding, CUSTOM-ALLOWED-HEADER”
其他推荐答案
For anyone running into this issue, the problem is that iOS12 does not like <add name="Access-Control-Allow-Headers" value="*" /> when you have any custom headers. This was fixed in a BETA that never seemed to make it into an official release.
The solution is to specify each custom header individually, for example: <add name="Access-Control-Allow-Headers" value="*,customheader1,customheader2" />
更多相关问答
联系站长