xhr.js:108 Refused to set unsafe header "Cookie"
2024-08-22 17:27:25
Remove these two lines:
xmlHttp.setRequestHeader("Content-length", params.length);
xmlHttp.setRequestHeader("Connection", "close");XMLHttpRequest isn't allowed to set these headers, they are being set automatically by the browser. The reason is that by manipulating these headers you might be able to trick the server into accepting a second request through the same connection, one that wouldn't go through the usual security checks - that would be a security vulnerability in the browser.
// request interceptor
service.interceptors.request.use(
config => {
// do something before request is sent
// console.log(store.getters.token)
config.headers['Access-Control-Allow-Origin'] = '*'
config.headers['cache-control'] = 'max-age=1,s-maxage=1'
config.headers['Cookie'] = 'noBy-interceptors.request'
最新文章
- C#设计模式系列:简单工厂模式(Simple Factory)
- (转)SVN服务器搭建和使用(二)
- java 之前的安全的类回顾,以及以后需要线程安全时使用哪些类
- kafka原理存储
- IMS Global Learning Tools Interoperability™ Implementation Guide
- OSGI.NET 学习笔记(一)
- mysql颠覆实战笔记(二)-- 用户登录(一):唯一索引的妙用
- jQuery 使用 jQuery UI 部件工厂编写带状态的插件(翻译)
- Qt在Mac OS X下的编程环境搭建
- MyEclipse使用经验归纳
- iOS 从url中获取文件名以及后缀
- css常用的属性方法 上篇
- 【Android Developers Training】 81. 解析XML数据
- Spring3 MVC
- Celery异步的分布式任务调度理解
- VueJs相关学习网址
- 要求根据RandomStr.java:使用类型转换生成六位验证字符串,示例程序每次运 行时,都会生成不同的字符串。
- 简单明了区分IE,Firefox,chrome主流浏览器
- 007.MySQL-Keepalived搭配脚本01
- 广告狂人第一至七季/全集Mad Men迅雷下载