eminoda edited a comment on issue #1983:
URL: https://github.com/apache/apisix/issues/1983#issuecomment-1010737757
因为 IE 不支持 **Access-Control-Allow-Headers: \*** 的情况,所以在路由 router 中增加了插件
plugins:
````
"cors": {
"allow_credential": false,
"allow_headers": "Content-Type,Fetch-Mode,accept", // fix IE CORS
"allow_methods": "*",
"allow_origins": "*",
"disable": false,
"expose_headers": "*",
"max_age": 5
}
````
但最终接口请求还是收到响应头:**"access-control-allow-headers: \*"**,本来以为是 CORS
插件问题,后来发现在全局 Plugins 页定义了 CORS,发现规则如下:
- 对于非 OPTIONS 的请求,单个路由里 CORS 的配置会覆盖全局配置
- 对于OPTIONS请求,会默认用全局的 CORS 配置
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
