has been blocked by cors policy: the value of the ‘access-control-allow-origin’ header in the response must not be the wildcard ‘*’ when the request’s credentials mode is ‘include’. the credentials mode of requests initiated by the xmlhttprequest is controlled by the withcredentials attribute

This error occurs because access-control-allow-origin=* and access-control-allow-credentials=true are set at the same time.

The fix is to change * to a specific address.
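
One way to apply this fix on the server side, shown as an added example that is not part of the original note: the response returns the specific requesting origin only when it exactly matches an allowlist, and a small check flags the wildcard-plus-credentials combination that triggers the error. The origins in `ALLOWED_ORIGINS` and the function names are assumptions made for illustration.

```javascript
// Constructed allowlist: placeholder origins, replace with your own front ends.
const ALLOWED_ORIGINS = new Set([
  "https://app.example.com",
  "https://admin.example.com",
]);

// The misconfiguration from the error message: wildcard plus credentials.
function brokenCorsHeaders() {
  return {
    "Access-Control-Allow-Origin": "*",
    "Access-Control-Allow-Credentials": "true",
  };
}

// Corrected: send the specific origin, and only on an exact allowlist match.
// Reflecting any Origin value without this check would be as open as "*".
function corsHeaders(requestOrigin, allowed = ALLOWED_ORIGINS) {
  const headers = { Vary: "Origin" }; // response differs per Origin, so caches must key on it
  if (typeof requestOrigin !== "string" || !allowed.has(requestOrigin)) {
    return headers; // no CORS headers: the browser refuses the cross-origin read
  }
  headers["Access-Control-Allow-Origin"] = requestOrigin;
  headers["Access-Control-Allow-Credentials"] = "true";
  return headers;
}

// Review helper: list problems in a header set used for credentialed requests.
function credentialedCorsProblems(headers) {
  const h = {};
  for (const [name, value] of Object.entries(headers)) {
    h[name.toLowerCase()] = String(value).trim(); // header names are case-insensitive
  }
  const problems = [];
  const acao = h["access-control-allow-origin"];
  const vary = (h["vary"] || "").split(",").map((v) => v.trim().toLowerCase());
  if (h["access-control-allow-credentials"] === "true" && acao === "*") {
    problems.push("wildcard origin with credentials");
  }
  if (acao && acao !== "*" && !vary.includes("origin")) {
    problems.push("missing Vary: Origin");
  }
  return problems;
}
```
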