whistle
resCors
- The wildcard
- Automatically set
- The custom
It is recommended that you upgrade Whistle to V2.5.3 or later, otherwise the first two methods will have problems handling OPTIONS requests.
For whistle see Github: github.com/avwo/whistl…
The wildcard
Generally used for cross-domain requests that require no login state, or for script tags with crossorigin property set to empty or anonymous (e.g. , generally set to the default value of anonymous), can be set to the following rules:
pattern resCors://*
Copy the code
Pattern can be a domain name, path, wildcard, or regular. For details, see wproxy.org/whistle/pat…
For example (simulating a request with Whistle’s Composer) :
www.qq.com/test resCors://*
Copy the code
Automatically set
Generally used for cross-domain requests that require login without special restrictions, or for script tags with the Crossorigin attribute set to use-credentials (e.g. ), can be resolved with the following rules:
Pattern resCors://enable # or pattern resCors://use-credentialsCopy the code
Pattern can be a domain name, path, wildcard, or regular. For details, see wproxy.org/whistle/pat…
For example (simulating a request with Whistle’s Composer) :
www.qq.com/test resCors://enable
Copy the code
The custom
Custom mode You can set the cORS header of the response according to your own needs. It is generally used in situations with special restrictions on requests, such as only allowing access to certain request methods or custom request headers. The specific configuration is as follows:
pattern resCors://(origin=xx&mehods=POST&headers=x-test)
Copy the code
Pattern can be a domain name, path, wildcard, or regular. For details, see wproxy.org/whistle/pat…
For example (simulating a request with Whistle’s Composer) :
``` test-cors1
origin: *
methods: POST
headers: x-test
credentials: true
maxAge: 300000
```
www.qq.com/test resCors://{test-cors1}
Copy the code
ResCors ://enable ://enable ://enable ://enable ://enable ://enable ://enable