Control-Allow-Origin' header is present on the requested resource
时间: 2023-09-30 12:08:07 浏览: 48
The 'Control-Allow-Origin' header is a response header that is sent by a server to indicate which origins are allowed to access its resources. It is a part of the Cross-Origin Resource Sharing (CORS) mechanism used by web browsers to enforce security policies.
When making a request from one domain to another, the browser checks if the 'Control-Allow-Origin' header is present in the response. If the header is not present or does not allow the requesting domain, the browser will block the request and display a CORS error.
To resolve this issue, the server needs to include the 'Control-Allow-Origin' header in its response with a value that matches the requesting domain or allows all origins using '*'. For example:
```
Access-Control-Allow-Origin: https://example.com
```
This tells the browser that requests from "https://example.com" are allowed. If you want to allow requests from any origin, you can use:
```
Access-Control-Allow-Origin: *
```
It's important to note that allowing requests from any origin using '*' should be done with caution, as it may pose security risks. It is generally recommended to whitelist specific domains instead.