Access to fetch at 'https://xxx/api/user' from origin 'http://h5.xxx.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: The 'Access-Control-Allow-Origin' header contains multiple values 'http://h5.xxx.com, *', but only one is allowed. Have the server send the header with a valid value, or, if an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
翻译过来就是:
从源 http://h5.xxx.com 访问 https://xxx/api/user 处的访存已被 CORS 策略阻止:对预检请求的响应未通过访问控制检查:Access-Control-Allow-Origin 标头包含多个值 http://h5.xxx.com, *,但仅允许一个。 让服务器发送带有有效值的标头,或者,如果不透明的响应满足您的需要,请将请求的模式设置为 no-cors,以在禁用 CORS 的情况下获取资源。
对于前后端分离,跨域问题老生常谈了,问题是这样的:
翻译过来就是:
原因是就是在服务器设置了允许跨域,同时又在 Nginx 代理又设置了一次。
只要移除其一即可解决。