Cordova文件传输未命中服务器端点
[英]Cordova File-Transfer Not Hitting Server Endpoint
问题描述
I'm trying to create a file using FT (cordova file-transfer) to send a file up to my express app. 
我正在尝试使用FT(cordova文件传输)创建文件以将文件发送到我的Express应用程序。 The problem is, express doesn't get a request. 问题是,快递没有收到请求。 There was a point where it worked, but it stopped working and I'm trying to figure out why. 在某种程度上它起作用了,但是它停止了工作,我试图找出原因。
My code looks like this. 我的代码如下所示。
First I take a picture with cordova lib, this works. 首先,我用cordova lib拍照,可以正常工作。
$scope.takePicture = function(){
Camera.getPicture().then(function(imageURI) {
$scope.lastPhoto = imageURI;
upload(imageURI)
}, function(err) {
console.err(err);
}, {
quality: 25,
targetWidth: 320,
targetHeight: 320,
saveToPhotoAlbum: false
});
};
The upload function though, does not get a request up to the express server. 但是,上载功能不会向快速服务器发送请求。
upload = function (imageURI) {
var ft = new FileTransfer();
var options = new FileUploadOptions();
options.fileKey = "photo";
options.fileName = 'filename'; // We will use the name auto-generated by Node at the server side.
options.mimeType = "image/jpeg";
options.chunkedMode = false;
options.httpMethod = 'put';
options.params = { // Whatever you populate options.params with, will be available in req.body at the server-side.
"description": "Uploaded from my phone"
};
ft.upload(imageURI, encodeURI(RESOURCES.PRODUCTION_DOMAIN + '/api/boats/' + $scope.boat._id),
function (e) {
console.log('File Transfer Completed', e)
},
function (e) {
alert("Upload failed", e);
}, options);
}
I don't see a request come into my server, and I see the console.log that fails. 我没有看到请求进入我的服务器,并且看到失败的console.log。
Why is this? 为什么是这样?
My Server has the following access control methods 我的服务器具有以下访问控制方法
res.header('Access-Control-Allow-Origin', '*');
res.header('Access-Control-Allow-Methods', 'GET, POST', 'PUT', 'DELETE');
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
res.header('Access-Control-Allow-Credentials', true);
next();
and I have 我有
<access origin="*"/>
In my config.xml for my app. 在我的应用程序的config.xml中。
Why do the requests do not get through!? 为什么请求没有通过!?
Edit 编辑
After getting the app to run in x-code (downloaded the new version...) I see the error is as follows. 使应用程序以X代码运行(下载新版本...)后,我看到错误如下。
2015-10-26 05:00:54.955 Fish App[358:68325] File Transfer Finished with response code 404
2015-10-26 05:00:54.956 Fish App[358:68325] FileTransferError {
body = "";
code = 3;
"http_status" = 404;
source = "file:///var/mobile/Containers/Data/Application/598EAE4A-F0E4-4A3B-A4A4-0DB657981122/tmp/cdv_photo_010.jpg";
target = "http://example.com/api/boats/";
}
Also important to note I had to configure my nginx settings to allow larger than 1M file sizes, only THEN did I get the above error. 同样重要的是要注意,我必须配置nginx设置以允许大于1M的文件大小,只有THEN才出现上述错误。 Why is it a 404? 为什么是404? The target is correct. 目标是正确的。
I have the following in my plist to allow all connections... 我的清单中有以下内容允许所有连接...
<key>NSAppTransportSecurity</key>
<dict>
<!--Include to allow all connections (DANGER)-->
<key>NSAllowsArbitraryLoads</key>
<true/>
</dict>
Edit2: 编辑2:
I have added a CSP policy in my index.html This seems to be the most insecure way to do it, which I would think would allow me to get the upload through! 我在index.html添加了CSP策略,这似乎是最不安全的方法,我认为这将使我能够顺利通过上传!
<!-- This policy allows everything (eg CSS, AJAX, object, frame, media, etc) except that
* CSS only from the same origin and inline styles,
* scripts only from the same origin and inline styles, and eval()
-->
<meta http-equiv="Content-Security-Policy" content="default-src *; style-src 'self' 'unsafe-inline'; img-src '*' script-src 'self' 'unsafe-inline' 'unsafe-eval'">
1 个解决方案
解决方案1
1 2015-10-26 04:03:40
UPDATE 2016-04-11: Google will soon require new and updated Apps that use Cordova/Phonegap be at least 4.1.1 Details: Android pre-4.1.1 to be blocked
You need to add the white-list, the plugin, and CSP . 您需要添加白名单,插件和CSP 。 OR SET the version to your compiler. 或将版本设置为编译器。
The fix to many common white-list problems 解决许多常见的白名单问题
The alternative to the white-list is this quick fix – but know that this quick fix removes all needs for white-list . 白名单的替代方法是此快速解决方案-但请注意,此快速修复可以消除white-list所有需求。 This creates a security issue which you may not want to by pass. 这会创建一个安全问题 ,您可能不希望通过。
QUICK FIX Add this to your config.xml for PHONEGAP BUILD ONLY快速修复将此仅添加到PHONEGAP BUILD的 config.xml中
<preference name="phonegap-version" value="3.7.0" />
This method will not be available after May, 2016. 此方法将于2016年5月之后不可用。
THE LONG ANSWER IS as such: 长答案是这样的:
From Top Mistakes by Developers new to Cordova/Phonegap you have hit: 从Cordova / Phonegap的开发人员的最新失误中您可以找到:
- #6 Not setting the "phonegap version" for your compiler #6 没有为编译器设置“ phonegap版本”
- #7 Not setting "version" for you plugins #7 不为您的插件设置“版本”
- #10 Not adding the new "white-list" and "white-list plugin" parameters in config.xml. #10 未在config.xml中添加新的“白名单”和“白名单插件”参数。
For #6 & #7 对于#6和#7
With the CLI version, if you do not assign a version for your platform OR in ''Phonegap Build'' if you do not set the phonegap-version in config.xml, YOU WILL GET THE LATEST VERSION.
Luckily for all of us, Holly Schinsky has written a nice blog post to explain it all:
Cordova/PhoneGap Version Confusion
http://devgirl.org/2014/11/07/cordovaphonegap-version-confusion/
For #10 对于#10
This relatively * NEW * requirement means – to access ANY website or resources on the web, you MUST use the whitelist and the whitelist plugin.
To be clear, the "whitelist" has been around for a bit, but the plugin and requirement is very new.
In addition, the Content Security Policy (CSP) has caught numerous developers - because it was soooo poorly publicized.
Lastly, Raymond Camden in his blog points to a LARGE change in policy starting with Cordova 5
Related Links 相关链接
Phonegap Build Forum: Notes for upgrading to cli-5.1.1 on PGB and now required Whitelist
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.