[英]How to configure properly CORS on sailsjs api
My app is consisting from angularjs on frontend and sailsjs on backend. 我的应用程序由前端的angularjs和后端的sailsjs组成。 I am trying to configure CORS on my backend, but without success.
我正在尝试在后端配置CORS,但是没有成功。 I want that backend on address api.example.com is accessible only from frontend from address blog.example.com.
我希望只能从地址blog.example.com的前端访问地址api.example.com上的后端。 My settings on sails config/cors.js are:
我对sails config / cors.js的设置是:
allRoutes: false,
origin: 'http://blog.example.com',
credentials: true,
methods: 'GET, POST, PUT, DELETE, OPTIONS, HEAD',
headers: 'content-type'
Result is, that my backend is freely accessible if I type to browser address bar api.example.com, but NOT from my frontend! 结果是,如果我在浏览器地址栏中输入api.example.com,则可以自由访问我的后端,但不能从前端访问它! In Chrome I get answer: "The 'Access-Control-Allow-Origin' header contains the invalid value ' '", Firefox sends just empty Response Body.
在Chrome中,我得到答案:“'Access-Control-Allow-Origin'标头包含无效值''”,Firefox仅发送空的响应正文。 I tried to configure cors in config/routes.js too, but also no success.
我也尝试在config / routes.js中配置cors,但是也没有成功。 Any help is appreciated!
任何帮助表示赞赏!
You want allRoutes: true
unless your enabling cors on a route by route basis. 您需要
allRoutes: true
除非您逐条路由启用cors。
http://sailsjs.org/documentation/concepts/security/cors http://sailsjs.org/documentation/concepts/security/cors
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.