ajax跨域：origin has been blocked by CORS policy Response to preflight request doesn't pass access control check

ajax跨域：origin has been blocked by CORS policy Response to preflight request doesn't pass access control check，CORS策略已阻止从原点' http//localhost62797 '访问' http://api.bigcommerce.com/stores/4jwabif3gj/v2/orders.json'处的XMLHttpRequest ：对预检请求的响应未收到通过访问控制检查：飞行前请求不允许重定向。

$.ajax({

      type:"get", 

      url:"https://api.piao-duoduo.com/index/index",

      async:true,

      data:{data:1},

      dataType: 'json',

      headers: {

             "Access-Token":"Access-Token123456",//自定义请求头

            "backendserver":$.cookie('backendserver')

            //"Content-Type":"application/json;charset=utf8"

      },

      ajaxGridOptions: {

            xhrFields: { 

                  withCredentials: true

            }

      }, 

      crossDomain: true, // 发送Ajax时，Request header 中会包含跨域的额外信息，但不会含cookie（作用不明，不会影响请求头的携带）

      success: function(data) {

            onsole.log(data);

      }

});

另外需要注意的是：前端请求的头部信息，一定要在后端头部设置一致，不一致会报跨域异常

// 指定允许其他域名访问

header('Access-Control-Allow-Origin:*');

// 跨域资源共享

header('Access-Control-Allow-Credentials:true');

// 响应头设置

header('Access-Control-Allow-Headers:x-token,x-uid,x-token-check,x-requested-with,content-type,Host,sponsortoken');

// 响应类型

header('Access-Control-Allow-Methods:*');

// 设置https

header("Content-Security-Policy: upgrade-insecure-requests");

// 指定本次预检请求的有效期

header("Access-Control-Max-Age: 1800");