HTTP
Guides:
Resources and URIs
HTTP guide
HTTP security
HTTP access control (CORS)
HTTP authentication
HTTP caching
HTTP compression
HTTP conditional requests
HTTP content negotiation
HTTP cookies
HTTP range requests
HTTP redirects
HTTP specifications
Feature policy
References:
HTTP headers
1. Accept
2. Accept-CH
3. Experimental Non-Standard Deprecated Accept-CH-Lifetime
4. Accept-Charset
5. Accept-Encoding
6. Accept-Language
7. Accept-Patch
8. Accept-Post
9. Accept-Ranges
10. Access-Control-Allow-Credentials
11. Access-Control-Allow-Headers
12. Access-Control-Allow-Methods
13. Access-Control-Allow-Origin
14. Access-Control-Expose-Headers
15. Access-Control-Max-Age
16. Access-Control-Request-Headers
17. Access-Control-Request-Method
18. Age
19. Allow
20. Alt-Svc
21. Authorization
22. Cache-Control
23. Clear-Site-Data
24. Connection
25. Content-Disposition
26. Experimental Non-Standard Deprecated Content-DPR
27. Content-Encoding
28. Content-Language
29. Content-Length
30. Content-Location
31. Content-Range
32. Content-Security-Policy
33. Content-Security-Policy-Report-Only
34. Content-Type
35. Cookie
36. Cross-Origin-Embedder-Policy
37. Cross-Origin-Opener-Policy
38. Cross-Origin-Resource-Policy
39. Date
40. Experimental Device-Memory
41. Digest
42. DNT
43. Experimental Downlink
44. Experimental Non-Standard Deprecated DPR
45. Experimental Early-Data
46. Experimental ECT
47. ETag
48. Expect
49. Expect-CT
50. Expires
51. Experimental Feature-Policy
52. Forwarded
53. From
54. Host
55. If-Match
56. If-Modified-Since
57. If-None-Match
58. If-Range
59. If-Unmodified-Since
60. Keep-Alive
61. Non-Standard Deprecated Large-Allocation
62. Last-Modified
63. Link
64. Location
65. NEL
66. Origin
67. Deprecated Pragma
68. Proxy-Authenticate
69. Proxy-Authorization
70. Deprecated Public-Key-Pins
71. Deprecated Public-Key-Pins-Report-Only
72. Range
73. Referer
74. Referrer-Policy
75. Retry-After
76. Experimental RTT
77. Save-Data
78. Experimental Sec-CH-UA
79. Experimental Sec-CH-UA-Arch
80. Experimental Sec-CH-UA-Bitness
81. Experimental Sec-CH-UA-Full-Version
82. Experimental Sec-CH-UA-Full-Version-List
83. Experimental Sec-CH-UA-Mobile
84. Experimental Sec-CH-UA-Model
85. Experimental Sec-CH-UA-Platform
86. Experimental Sec-CH-UA-Platform-Version
87. Sec-Fetch-Dest
88. Sec-Fetch-Mode
89. Sec-Fetch-Site
90. Sec-Fetch-User
91. Sec-WebSocket-Accept
92. Server
93. Server-Timing
94. Service-Worker-Navigation-Preload
95. Set-Cookie
96. SourceMap
97. Strict-Transport-Security
98. TE
99. Timing-Allow-Origin
100. Tk
101. Trailer
102. Transfer-Encoding
103. Upgrade
104. Upgrade-Insecure-Requests
105. User-Agent
106. Vary
107. Via
108. Experimental Non-Standard Deprecated Viewport-Width
109. Want-Digest
110. Deprecated Warning
111. Experimental Deprecated Width
112. WWW-Authenticate
113. X-Content-Type-Options
114. X-DNS-Prefetch-Control
115. Non-Standard X-Forwarded-For
116. Non-Standard X-Forwarded-Host
117. Non-Standard X-Forwarded-Proto
118. X-Frame-Options
119. X-XSS-Protection
HTTP request methods
HTTP response status codes
CSP directives
1. CSP: base-uri
2. CSP: block-all-mixed-content
3. CSP: child-src
4. CSP: connect-src
5. CSP: default-src
6. CSP: font-src
7. CSP: form-action
8. CSP: frame-ancestors
9. CSP: frame-src
10. CSP: img-src
11. CSP: manifest-src
12. CSP: media-src
13. CSP: navigate-to
14. CSP: object-src
15. CSP: plugin-types
16. CSP: prefetch-src
17. Deprecated CSP: referrer
18. CSP: report-to
19. CSP: report-uri
20. CSP: require-sri-for
21. CSP: require-trusted-types-for
22. CSP: sandbox
23. CSP: script-src
24. CSP: script-src-attr
25. CSP: script-src-elem
26. CSP source values
27. CSP: style-src
28. CSP: style-src-attr
29. CSP: style-src-elem
30. CSP: trusted-types
31. CSP: upgrade-insecure-requests
32. CSP: worker-src
CORS errors
Feature-Policy directives

Reason: CORS disabled

原因

哪里错了？

参见