我的应用程序使用脚本(在此特定示例中
webpack
)加载某些资源(与此无关),请求标头如下所示:
GET /b245bc85ddeedb27a549.woff2 HTTP/2
Host: anonymized.com
User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/110.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en,pl;q=0.5
Accept-Encoding: identity
Origin: https://www.anonymized.de
DNT: 1
Connection: keep-alive
Referer: https://www.anonymized.de/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Sec-GPC: 1
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
初始化请求的脚本来自
anonymized.com
域并在 https://www.anonymized.de/
url 上执行
每次请求资源时,我都会收到以下错误:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://anonymized.com/b245bc85ddeedb27a549.woff2. (Reason: CORS header ‘Access-Control-Allow-Origin’ missing). Status code: 200.
但问题是在请求之前没有预检(
OPTIONS
请求),大声笑
所以我的问题是如何让浏览器进行预检(或者需要什么才能使错误消失,因为如您所见,我没有发送任何特殊的标头)