Я уже изменил свой Access-Control-Allow-Origin! = *, Но он все еще показывает эту ошибку. Он работает на почтальоне, но не на моем сайте на localhost. Я пытаюсь загрузить изображение в хранилище firebase
Ошибка на клиенте
Access to XMLHttpRequest at 'https://firebasestorage.googleapis.com/v0/b/bucketName.appspot.com/o/images' from origin 'http://localhost:3000' has been blocked by CORS policy:
Response to preflight request doesn't pass access control check:
The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'.
The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.
Код клиента
simpleUpload: {
// The URL that the images are uploaded to.
uploadUrl: 'https://firebasestorage.googleapis.com/v0/b/bucketName.appspot.com/o/images',
// Enable the XMLHttpRequest.withCredentials property.
withCredentials: true,
// Headers sent along with the XMLHttpRequest to the upload server.
headers: {
'X-CSRF-TOKEN': 'CSFR-Token',
'Authorization': 'Bearer ' + token
},
Сервер firebase: cors. json
[
{
"origin": [
"http://localhost.com:3000",
"https://severName.web.app"
],
"method": ["GET", "POST"],
"maxAgeSeconds": 3600,
"responseHeader": ["Content-Type", "Authorization", "X-CSRF-TOKEN"]
}
]
Выполнить это в облачном терминале Google
gsutil cors set cors.json gs://myservername.appspot.com