實際中的應用
實際中可以寫一個基類去統一處理,我們可能會設置多個響應頭,必須添加自定義的響應頭以及本地測試的域名(IP + 端口)
import tornado.web class BaseHandler(tornado.web.RequestHandler): def __init__(self,*args,**kwargs): super().__init__(*args,**kwargs) self.host = "" self.port = "" # 在初始化方法中添加設置跨域的方法 self.set_default_headers() # 處理OPTIONS域檢請求 def post(self): self.set_status(204) self.finish() # 設置跨域的具體方法 def set_default_headers(self): super().set_default_headers() # 設置允許的請求頭 self.set_header("Access-Control-Allow-Methods","GET,POST,PUT,DELETE,OPTIONS") self.set_header("X-XSS-Protecion","1") self.set_header("Content-Security-Policy","default-src 'self'") self.set_header("Access-Control-Allow-Credentials","true") # 設置一些自己定義的請求頭 self.set_header("Access-Control-Allow-Headers", "Content-Type,Access-Control-Allow-Headers,X-Auth-Token,Y-Auth-Token" ) self.set_header("Content-Type","application/json; charset=UTF-8") # 設置允許本地調試的域名通過! self.set_header("Access-Control-Allow-Origin",self.request.headers.get("Origin","http://localhost:9090")) # 如果后面的域名設置為 * ,表示允許所有的域名通過 # self.set_header("Access-Control-Allow-Origin","*") # self.set_header("Access-Control-Allow-Origin",self.request.headers.get("Origin","*"))
其他方法可以參考下面的博客
https://www.cnblogs.com/renfanzi/p/6952871.html
https://segmentfault.com/a/1190000012550346