# 问题:
Access to XMLHttpRequest at ‘http://huodong.rr.com/common/tencentIm/getImTalkTencentRecordList?fromAccount=&toAccount=&each=10&endTime=2021-01-26+00%3A00%3A00&startTime=2021-01-26+23%3A59%3A59&page=1&size=10&t=1611644616295&sig=1cb8067419afd82d1bcce8aa5df7f7c6‘ from origin ‘http://test-rrzb.admin.renren.com‘ has been blocked by CORS policy: Request header field token is not allowed by Access-Control-Allow-Headers in preflight response.
分析:
Request header field token is not allowed by Access-Control-Allow-Headers in preflight response.
是 token 不被在 Access-Control-Allow-Headers中允许
#解决
在 huodong.rr.com nginx 配置中修改
add_header ‘Access-Control-Allow-Origin‘ *;
add_header ‘Access-Control-Allow-Methods‘ ‘GET, POST, OPTIONS‘;
add_header ‘Access-Control-Allow-Headers‘ ‘DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,token‘;
原文:https://www.cnblogs.com/lixinliang/p/14335393.html