我在后端使用 nodejs express 作为我的 API。我想知道如何在redirect方法上启用 CORS 。
以下是我的快速重定向代码:
res.redirect(redirectUrl);
当客户端向上述 API 发送请求时,它会将请求重定向到 as3但我收到以下错误:
Access to XMLHttpRequest at 'https://s3-ap-southeast-
2.amazonaws.com/index.html' (redirected from
'http://localhost:9090/v0/api') from origin 'http://localhost:9090' has
been blocked by CORS policy: Response to preflight request doesn't pass
access control check: No 'Access-Control-Allow-Origin' header is present on
the requested resource.
前端正在运行,http://localhost:9090并且前端域已添加到 s3 存储桶中的 CORS 上。如果我https://s3-ap-southeast-2.amazonaws.com/index.html直接从浏览器发送请求,它工作正常。所以我认为问题出在nodejs express redirect方法上。如何为重定向启用 CORS?
我知道如何启用,CORS但我的问题与redirect. 我怎样才能使重定向工作?
我有一个在服务器上运行的API和一个连接到它的前端客户端来检索数据.我做了一些关于跨域问题的研究并且有效.但是我不确定发生了什么变化.我现在在控制台中收到此错误:
XMLHttpRequest无法加载https://api.mydomain/api/status.请求的资源上不存在"Access-Control-Allow-Origin"标头.因此,不允许来源" http://beta.mydomain.com "访问.响应具有HTTP状态代码502.
我有以下路由文件:
var express = require('express');
var router = express.Router();
var Assessment = require('../app/models/assessment');
router.all('*', function (req, res, next) {
res.header('Access-Control-Allow-Origin', '*');
res.header('Access-Control-Allow-Methods', 'PUT, GET, POST, DELETE, OPTIONS');
res.header('Access-Control-Allow-Headers', 'Content-Type');
next();
});
router.post('/api/status', function (req, res, next) {
getStatus.getStatus(req, res, Assessment);
});
module.exports = router;
以下JavaScript对该路由进行Ajax调用:
var user = {
'uid' : '12345'
};
$.ajax({
data: user,
method: 'POST',
url: 'https://api.mydomain/api/status',
crossDomain: true,
done: function () {
},
success: function (data) {
console.log(JSON.stringify(data));
},
error: …我nodejs-server根据我的swagger规范生成了我的服务器代码().
问题是,当我尝试从我的UI(不同的域)命中API时,我得到了一个众所周知的错误,即没有启用CORS:
XMLHttpRequest cannot load http://127.0.0.1:10010/events. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:4200' is therefore not allowed access.
我生成的index.js如下:
'use strict';
var fs = require('fs'),
path = require('path'),
http = require('http');
var app = require('connect')();
var swaggerTools = require('swagger-tools');
var jsyaml = require('js-yaml');
var serverPort = 10010;
// swaggerRouter configuration
var options = {
swaggerUi: path.join(__dirname, '/swagger.json'),
controllers: path.join(__dirname, './controllers'),
useStubs: process.env.NODE_ENV === 'development' // Conditionally turn on stubs (mock mode)
};
// The …在我的浏览器开发人员工具栏中,我收到以下 POST 请求的错误消息:
Access to XMLHttpRequest at 'http://localhost:8000/api/tags/' from origin 'http://localhost:3000' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
但是,当我查看 server.js 时,我确实允许访问:
app.prepare().then(() => {
const server = express();
server.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
next();
});
有谁知道为什么现在被阻止
所以当我尝试使用React将数据发送到后端时,我遇到了这个错误。据我了解,我需要允许后端和.htaccess文件中的通信。这是我使用的一些链接:
Access-Control-Allow-Origin标头如何工作?
他们两个都有代码,但是没有帮助。
到目前为止,我的服务器端代码是这样的:
app.use(function (req, res, next) {
// Website you wish to allow to connect
// res.setHeader('Access-Control-Allow-Origin', 'http://localhost:3000');
res.setHeader('Access-Control-Allow-Origin', '*');
// Request methods you wish to allow
res.setHeader('Access-Control-Allow-Methods', 'POST');
// Request headers you wish to allow
res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,content-type');
// Set to true if you need the website to include cookies in the requests sent
// to the API (e.g. in case you use sessions)
res.setHeader('Access-Control-Allow-Credentials', true);
// Pass to next layer of middleware
next(); …