[英]NodeJS + Express using fetch(): How to bypass “Your connection is not private” in Javascript?
Currently I have a NodeJS + ExpressJS client-side server set up and it makes API calls to the back-end server. 目前,我已经设置了NodeJS + ExpressJS客户端服务器,并且它对后端服务器进行API调用。 But whenever I do, I first would have to go directly to the URL of the API back-end server and view the following page, and go to
Advanced
-> Proceed to https://backendserver.com:8080 (Unsafe)
, in order to be able to make the API call without any error. 但是无论什么时候,我首先都必须直接转到API后端服务器的URL并查看以下页面,然后转到
Advanced
> Proceed to https://backendserver.com:8080 (Unsafe)
,在为了能够进行API调用而没有任何错误。
Is there a way to always allow it to Proceed to https://backendserver.com:8080
without having to manually do it via browser? 有没有一种方法可以始终允许它
Proceed to https://backendserver.com:8080
而不必通过浏览器手动进行操作?
Here is how I make the API call with fetch()
: 这是我使用
fetch()
进行API调用的方式:
loggingIn(userInfo) {
var userInfoBody = {
'username': `${userInfo.username}`,
'password': `${userInfo.password}`
}
var configuration = {
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
body: JSON.stringify(userInfoBody)
}
return function(dispatch) {
fetch('https://backendserver.com:8080/creds', configuration)
.then(response => response.json())
.then(response => {
console.log('Success and response is', response)
})
.catch((error) => {
console.log("Error: ", error)
})
}
And my NodeJS + Express is set up like so: 我的NodeJS + Express设置如下:
var express = require('express');
var cors = require('cors');
var path = require('path');
var config = require('../webpack.config.js');
var webpack = require('webpack');
var webpackDevMiddleware = require('webpack-dev-middleware');
var webpackHotMiddleware = require('webpack-hot-middleware');
var app = express();
var compiler = webpack(config);
app.use(cors());
app.use(webpackDevMiddleware(compiler, {noInfo: true, publicPath: config.output.publicPath}));
app.use(webpackHotMiddleware(compiler));
app.use(express.static('./dist'));
app.use('/', function (req, res) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
res.sendFile(path.resolve('client/index.html'))
})
var port = 3000;
app.listen(port, function(error) {
if (error) throw error;
console.log("Listening to ", port);
})
There's generally only one proper solution here: use a server certificate that is trusted by the browser. 通常,这里只有一个适当的解决方案:使用浏览器信任的服务器证书。
If you have a public server , you will need to get a certificate from a trusted certificate authority. 如果您有公共服务器 ,则需要从受信任的证书颁发机构获取证书。 For this, Let's Encrypt is a great (and free) service, and letsencrypt-express integrates this nicely with Express.
为此, Let's Encrypt是一项出色的(免费)服务,并且letencrypt-express与Express完美集成。
If you have a private server (like a development or testing server, or a server used only by a few browsers), you can just use a self-signed certificate and add this as a trusted certificate in your browser or operating system. 如果您有专用服务器 (例如开发或测试服务器,或仅由少数浏览器使用的服务器),则可以使用自签名证书,并将其添加为浏览器或操作系统中的受信任证书。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.