我有一个用于postgres数据库的API，它使用Flask untillet创建，并使用Apache提供服务。在

当我收到多个与OPTIONS请求密切相关的“CORS Error access Control Allow Origin”头文件时，这个API工作得非常完美，直到我尝试使用基于javascript的前端来访问API。在

我尝试了以下修复

[1.在apache中启用cors][1]

 <VirtualHost *:80>
            Header add Access-Control-Allow-Origin "*"
            Header add Access-Control-Allow-Headers "origin, x-requested-with, content-type, Authorization"
            Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"
            ServerName localhost
            WSGIScriptAlias / /home/drmclean/bboxx/git/Smart-Solar-Server/SmartSolarServer.wsgi
            WSGIScriptReloading On

            <Directory /home/drmclean/bboxx/git/Smart-Solar-Server/>
                    Header add Access-Control-Allow-Origin "*"
                    Header add Access-Control-Allow-Headers "origin, x-requested-with, content-type, Authorization"
                    Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"
                    Require all granted
                    Order allow,deny
                    Allow from all
            </Directory>

            Alias /docs /home/drmclean/bboxx/git/Smart-Solar-Server/swagger
            <Directory /home/drmclean/bboxx/git/Smart-Solar-Server/swagger/>
                    Header add Access-Control-Allow-Origin "*"
                    Header add Access-Control-Allow-Headers "origin, x-requested-with, content-type, Authorization"
                    Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"
                    Require all granted
                    Header set Access-Control-Allow-Origin "*"
                    Order allow,deny
                    Allow from all
            </Directory>
            ErrorLog ${APACHE_LOG_DIR}/error.log
            LogLevel warn
            CustomLog ${APACHE_LOG_DIR}/access.log combined
            <IfModule mod_rewrite.c>
                    RewriteEngine on
                    # Pass Authorization headers to an environment variable
                    RewriteCond %{HTTP:Authorization} ^(.*)
                    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
            </IfModule>

2.Enable CORS using the flask-cors extension

3.使用烧瓶不停地启用CORS

def allow_control_headers(response):
response.headers['Access-Control-Allow-Origin'] = '*'
response.headers['Access-Control-Allow-Credentials'] = 'true'
return response

bp = manager.create_api(REDACTED)
bp.after_request(allow_control_headers)

不用说，到目前为止还没有一个有效。在

1. 不会删除CORS警告。在
2. 似乎删除了某些端点的CORS错误，但没有删除其他端点的CORS错误，将其更改为CORS=CORS（app，response=r“/v1/*”），使原先被删除的CORS错误恢复过来。在
3. 抛出了一个语法错误：“bp has no attribute after_request”，尽管我直接从文档中复制了语法。（here）

有人能解释一下吗

1. 为什么上面的修复没有消除CORS问题。在
2. 如何解决我的问题并有效地实现跨源资源共享？在