Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
1.3k views
in Technique[技术] by (71.8m points)

reactjs - Firebase - Request header field x-firebase-gmpid is not allowed by Access-Control-Allow-Headers in preflight response

My product uses firebase rtdb, firestore, storage, auth, and hosting. I didn't make any changes to my CORS configuration. However, today I started getting the following CORS error while trying to upload images to storage, and retrieve them:

Access to XMLHttpRequest at 'https://firebasestorage.googleapis.com/v0/b/diary-a77f6.appspot.com/o?name=images%2FJ1gU3KPfo1cTHJXhT3iopBqrvVs1%2F-M1Ah4xCQ46GvEZtwgR1%2FBalboa%20Pier%2C%20California%20-%201600x1200%20-%20ID%2027253.jpg' from origin 'https://daybook.app' has been blocked by CORS policy: Request header field x-firebase-gmpid is not allowed by Access-Control-Allow-Headers in preflight response.

I tried Firebase Storage and Access-Control-Allow-Origin, https://cloud.google.com/storage/docs/configuring-cors, and https://firebase.google.com/docs/storage/web/download-files#cors_configuration to no avail.

My hosting config:

{
    "target": "prod",
    "public": "build/production",
    "ignore": [
        "firebase.json",
        "src/firebase/keys.js",
        "**/.*",
        "**/node_modules/**"
    ],
    "rewrites": [
        {
            "source": "**",
            "destination": "/index.html"
        }
    ],
    "headers": [
        {
            "source": "/**",
            "headers": [
                {
                    "key": "Cache-Control",
                    "value": "no-cache, no-store, must-revalidate"
                },
                {
                    "key": "Access-Control-Allow-Headers",
                    "value": "x-firebase-gmpid, Origin, Accept, Content-Type, X-Requested-With, Access-Control-Request-Method,Access-Control-Request-Headers, Authorization"
                }
            ]
        },
        {
            "source": "**/*.@(css|js)",
            "headers": [
                {
                    "key": "Cache-Control",
                    "value": "no-cache, no-store, must-revalidate max-age=0"
                }
            ]
        },
        {
            "source": "**/*.@(eot|otf|ttf|ttc|woff|font.css)",
            "headers": [
                {
                    "key": "Access-Control-Allow-Origin",
                    "value": "*"
                }
            ]
        },
        {
            "source": "**/*.@(jpg|jpeg|gif|png|webp|webp|svg)",
            "headers": [
                {
                    "key": "Cache-Control",
                    "value": "max-age=7200"
                }
            ]
        }
    ]
}

This is what I added recently while trying to fix the issue:

{
    "key": "Access-Control-Allow-Headers",
    "value": "x-firebase-gmpid, Origin, Accept, Content-Type, X-Requested-With, Access-Control-Request-Method,Access-Control-Request-Headers, Authorization"
}
See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)
Waitting for answers

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

1.4m articles

1.4m replys

5 comments

57.0k users

...