当前位置: 首页 > 知识库问答 >
问题:

响应中'access-control-allog-origin'标头的值不能是azure函数和javascript中的通配符'*'[duplicate]

狄冥夜
2023-03-14
[FunctionName("negotiate")]
    public static async Task<SignalRConnectionInfo> Run(
        [HttpTrigger(AuthorizationLevel.Anonymous, "post")] HttpRequest req, IBinder binder,
        ILogger log)
    {
        log.LogInformation("C# HTTP trigger function processed a request.");
        var data = await Authenticated(req, log);
        var connectionInfo = binder.Bind<SignalRConnectionInfo>(new SignalRConnectionInfoAttribute { HubName = "MapUpload", UserId = data });
        return connectionInfo;
    }
 "Host": {
    "CORS": "*"
  }
 <script>
   const connection = new signalR.HubConnectionBuilder()
   .withUrl('http://localhost:7071/api/')
   .configureLogging(signalR.LogLevel.Information)
   .build();

   connection.on('MapUpload', productOrdered);
   connection.onclose(() => console.log('disconnected'));

   console.log('connecting...');
   connection.start()
   .then(() => data.ready = true)
   .catch(console.error);
</script>

CORS策略阻止了从来源“http://localhost:7071/api/negotive”访问“http://localhost:3872”位于“http://localhost:7071/api/negotive”的XMLHttpRequest:对飞行前请求的响应未通过访问控制检查:当请求的凭据模式为“include”时,响应中“access-control-allog-origin”标头的值不能是通配符“*”。由XMLHttpRequest发起的请求的凭据模式由withCredentials属性控制。

我已经添加了“cors”:“*”,但仍然给我上面的错误。所以我可以知道我在上面的代码中缺少的配置。有人能帮助他们理解这个问题吗?任何帮助都将不胜感激。谢谢。

共有1个答案

董法
2023-03-14

根据fetch规范,要将credentialscors模式一起使用,需要设置

  • access-control-allog-credentialstrue
  • Access-Control-Allow-Origin不应设置为*

转换为local.settings.json,

 "Host": {
    "CORS": "http://localhost:3872",
    "CORSCredentials":true
  }
 类似资料: