使用 HTTPS 从不同的域向节点 API 发出请求
[英]Making requests to a node API from a different domain using HTTPS
问题描述
I am serving a static page over HTTPS ( https://example.com ) that makes requests to a node API on a different domain (example-api.com).
我正在通过 HTTPS ( https://example.com ) 提供一个静态页面,该页面向不同域 (example-api.com) 上的节点 API 发出请求。
My API is a standard express app using HTTP.我的 API 是使用 HTTP 的标准快速应用程序。 Here's my setup code:这是我的设置代码:
var express = require('express');
var app = exports.app = express();
var port = process.env.PORT;
exports.server = require('http').createServer(app).listen(port);
In the requests from my static page, I specify https://example-api.com as the URL.在来自我的静态页面的请求中,我将https://example-api.com指定为 URL。 This works most of the time, but every once in a while (10% of the time?) Chrome errors out on the requests with:这在大多数情况下都有效,但每隔一段时间(10% 的时间?)Chrome 在请求时出错:
net::ERROR_INSECURE_RESPONSE
Other users who've come across this issue (eg Failed to load resource: net::ERR_INSECURE_RESPONSE socket.io ) seem to solve it by adding a credentials option to their createServer call, eg遇到此问题的其他用户(例如Failed to load resource: net::ERR_INSECURE_RESPONSE socket.io )似乎通过向其 createServer 调用添加凭据选项来解决它,例如
var server = https.createServer(credentials, app)
So when I tried to implement this I came up with the following:因此,当我尝试实现这一点时,我想出了以下内容:
var fs = require('fs');
var options = {
key: fs.readFileSync('server-key.pem'),
cert: fs.readFileSync('server-cert.pem')
};
var express = require('express');
var app = exports.app = express();
exports.server = require('https').createServer(options, app).listen(port);
However this solution doesn't seem to work for me.然而,这个解决方案似乎对我不起作用。 When I try it the requests never make it to my app - even logs in app.use middleware don't appear.当我尝试它时,请求永远不会发送到我的应用程序 - 即使登录 app.use 中间件也不会出现。
What's really confusing is the fact that my setup seems to work most of the time.真正令人困惑的是,我的设置似乎大部分时间都在工作。
Does anyone know how I can reliably make my requests?有谁知道我如何可靠地提出我的请求?
Thanks and sorry in advance for my ignorance.提前感谢并为我的无知感到抱歉。
1 个解决方案
解决方案1
0 2016-01-22 20:52:42
I struggled with this a bit as well.我也有点挣扎。 If you are on windows I have a solution that is a bit of a work around, but will allow you to serve your site, and NodeJS app over HTTPS.如果您在 Windows 上,我有一个解决方案,它有点变通,但允许您通过 HTTPS 为您的站点和 NodeJS 应用程序提供服务。
In Windows, I created a reverse proxy in IIS to point at the nodeJS RESTful endpoint (ie nodeJS RESTful services == website.com:7000).在 Windows 中,我在 IIS 中创建了一个反向代理以指向 nodeJS RESTful 端点(即 nodeJS RESTful 服务 == website.com:7000)。 Don't let reverse proxy scare you, its gravy.不要让反向代理吓到你,它的肉汁。
To Implement:实施:
- Install IIS (if you haven't already)安装 IIS(如果您还没有)
- Create your Self Signed Cert (assuming you know how to do that), or apply your Cert you are using now.创建您的自签名证书(假设您知道如何执行此操作),或应用您现在使用的证书。
- Install Application Request Routing安装应用程序请求路由
- Open your website configuration, and go to URL Rewrite打开您的网站配置,然后转到 URL Rewrite
- For the rewrite stuff:对于重写的东西:
For Pattern: ^api(.*)对于模式:^api(.*)
For rewrite: http://www.website.com:7000 {R:1}重写: http : //www.website.com : 7000 {R:1}
This basically takes any request from: https://www.website.com/api/someApiAwesomeness , and rewrites it to your nodejs App running at http://www.website.com:7000 .这基本上接受来自: https://www.website.com/api/someApiAwesomeness 的任何请求,并将其重写为在http://www.website.com:7000 上运行的 nodejs 应用程序。 Now you have an SSL RESTful app..现在你有一个 SSL RESTful 应用程序..
Good luck man I hope this helps!祝你好运,我希望这会有所帮助!
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.