2

本文主要介绍一下在zuul进行跨域配置的时候出现的异常。

异常

The 'Access-Control-Allow-Origin' header contains multiple values '*, *', but only one is allowed

实例

Access-Control-Allow-Credentials:true
Access-Control-Allow-Credentials:true
Access-Control-Allow-Origin:http://localhost:3000
Access-Control-Allow-Origin:http://localhost:3000
Cache-Control:no-cache, no-store, max-age=0, must-revalidate
Content-Type:application/json;charset=UTF-8
Date:Thu, 11 Aug 2016 14:23:09 GMT
Expires:0
Pragma:no-cache
Transfer-Encoding:chunked
Vary:Origin
Vary:Origin
X-Application-Context:shipping-service:dev:8080
X-Content-Type-Options:nosniff
X-Frame-Options:DENY
X-XSS-Protection:1; mode=block

方案

多次请求的时候,会把这些header再带过来,然后请求zuul转发的接口又在写入一次,造成重复了,方案就是zuul转发的时候,过滤掉这些header,比如

zuul:
  sslHostnameValidationEnabled: false  
  routes:
    info:
      sensitiveHeaders: Access-Control-Allow-Origin,Access-Control-Allow-Methods
      path: /share/**
      url: http://192.168.99.100:9000/

doc


codecraft
11.9k 声望2k 粉丝

当一个代码的工匠回首往事时,不因虚度年华而悔恨,也不因碌碌无为而羞愧,这样,当他老的时候,可以很自豪告诉世人,我曾经将代码注入生命去打造互联网的浪潮之巅,那是个很疯狂的时代,我在一波波的浪潮上留下...