我有一个角度应用程序,我使用express网关在后端的请愿书中进行一些控制,除我的Cors方法外,其他一切正常,我只想允许GET,PUT,POST,但即使我不这样做,放DELETE方法它仍然可以访问,我不知道我错了,我已经阅读了文档。
{
"http": {
"port": 8080,
},
"admin": {
"port": 9876,
"host": "localhost"
},
"apiEndpoints": {
"apiAngular": {
"host": "13.84.42.7",
"paths": "/api/v3/*"
},
"api": {
"host": "localhost",
"paths": "/ip"
}
},
"serviceEndpoints": {
"service_apiAngular": {
"url": "http://localhost:4002"
},
"httpbin": {
"url": "https://httpbin.org"
}
},
"policies": [
"cors",
"basic-auth",
"expression",
"key-auth",
"log",
"oauth2",
"proxy",
"rate-limit",
"jwt"
],
"pipelines": {
"pipeline_apiAngular": {
"apiEndpoints": [
"apiAngular"
],
"policies": [
{
"cors":{
[
"action":{
"origin": "*",
"methods": "GET,PUT,POST",
"preflightContinue": false,
"optionsSuccessStatus": 204
}
]
}
},
{
"rate-limit": [
{
"action": {
"max": 15,
"windowMs": 1200
}
}
]
},
{
"proxy": [
{
"action": {
"serviceEndpoint": "service_apiAngular"
}
}
]
}
]
},
"default": {
"apiEndpoints": [
"api"
],
"policies": [
{
"proxy": [
{
"action": {
"serviceEndpoint": "httpbin",
"changeOrigin": true
}
}
]
}
]
}
}
}