访问控制允许来源错误ember.js

Question

我使用ember.js并抛出我这个错误：

XMLHttpRequest cannot load http://127.0.0.1:20000/accounts/0 . Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin ' http://localhost:4200 ' is therefore not allowed access.

在我的服务器端，我把代码打印出记录GET，POST和PUT调用。它不打印任何东西。因此，我认为客户端从未向服务器提出任何请求。 （但是，访问'http://127.0.0.1:20000/accounts/0'手动确实调用了GET方法的日志。）

服务器端已编码为返回Access-Control-Allow-Origin，并且它适用于其他方法。

那么，我的问题是什么？

，只为记录​​，在Java服务器端是：

responseBuilder.header("Access-Control-Allow-Origin", "http://localhost:4200"); 
responseBuilder.header("Access-Control-Allow-Headers", "origin, content-type, accept, authorization, auth-token"); 
responseBuilder.header("Access-Control-Allow-Credentials", "true"); 
responseBuilder.header("Access-Control-Allow-Methods", "GET, POST, DELETE, PUT"); 
responseBuilder.allow("OPTIONS"); 

，并在我的ember.js配置/ environment.js我：

ENV['contentSecurityPolicy'] = { 
     'default-src': "*" 
    }; 

Answer 1

解决：

private static void setAccessControlAllowOrigin(ServletContextHandler context) { 
     FilterHolder holder = new FilterHolder(CrossOriginFilter.class); 
     holder.setInitParameter(CrossOriginFilter.ALLOWED_ORIGINS_PARAM, "*"); 
     holder.setInitParameter(CrossOriginFilter.ACCESS_CONTROL_ALLOW_ORIGIN_HEADER, "http://127.0.0.1:4200"); 
     holder.setInitParameter(CrossOriginFilter.ALLOWED_METHODS_PARAM, "GET,POST,PUT,HEAD"); 
     holder.setInitParameter(CrossOriginFilter.ALLOWED_HEADERS_PARAM, "X-Requested-With,Content-Type,Accept,Origin"); 
     holder.setName("cross-origin"); 
     FilterMapping fm = new FilterMapping(); 
     fm.setFilterName("cross-origin"); 
     fm.setPathSpec("*"); 
     context.getServletHandler().addFilter(holder, fm); 
    }