[英]Azure SDK for Node - Key Vault Management - CORS preflight: server responded with a status of 400 (Bad Request)
I am trying to create a React.js application, which has a div:我正在尝试创建一个 React.js 应用程序,它有一个 div:
<div onClick={this.handleClick} />
Inside the function I copied code from the Azure GitHub:在函数内部,我从 Azure GitHub 复制了代码:
https://github.com/Azure/azure-sdk-for-node/tree/master/lib/services/keyVaultManagement https://github.com/Azure/azure-sdk-for-node/tree/master/lib/services/keyVaultManagement
import * as msRestAzure from "ms-rest-azure";
import KeyVaultManagementClient from "azure-arm-keyvault";
public handleClick(evt: any): void {
// Interactive Login
let client: any;
msRestAzure.interactiveLogin().then((credentials) => {
client = new KeyVaultManagementClient(credentials, "my-subscription-id");
return client.vaults.list();
}).then((vaults) => {
console.dir(vaults, {depth: null, colors: true});
return;
})
}
When I click on the <div>
it throws the following error in Chrome console.当我单击
<div>
它会在 Chrome 控制台中引发以下错误。
login.microsoftonline.com/common/oauth2/devicecode?api-version=1.0:1 Failed to load resource: the server responded with a status of 400 (Bad Request)
login.microsoftonline.com/common/oauth2/devicecode?api-version=1.0:1 无法加载资源:服务器响应状态为 400(错误请求)
localhost/:1 Failed to load https://login.microsoftonline.com/common/oauth2/devicecode?api-version=1.0 : Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
localhost/:1 无法加载https://login.microsoftonline.com/common/oauth2/devicecode?api-version=1.0 :对预检请求的响应未通过访问控制检查:否 'Access-Control-Allow-Origin ' 请求的资源上存在标头。 Origin ' http://localhost ' is therefore not allowed access.
因此,不允许访问 Origin ' http://localhost '。 The response had HTTP status code 400. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
响应的 HTTP 状态代码为 400。如果不透明响应满足您的需求,请将请求的模式设置为“no-cors”以在禁用 CORS 的情况下获取资源。
localhost/:1 Uncaught (in promise) TypeError: Failed to fetch
I do understand the problem is that I'm trying to call an API that does not match with the http://localhost/
same origin, so it denies.我确实理解问题在于我试图调用与
http://localhost/
同源不匹配的 API,所以它拒绝了。
The application is built with webpack (no special things), React.js, Typescript, Less.该应用程序是用 webpack(没什么特别的)、React.js、Typescript、Less 构建的。 It is hosted in IIS, by simply creating an Application, and pointing to the build folder.
它托管在 IIS 中,只需创建一个应用程序并指向构建文件夹即可。
I'm asking, how can I make it work, since I cannot just add headers like Access-Control-Allow-Origin:
to any request, because the implementations are in the npm packages.我在问,我怎样才能让它工作,因为我不能只向任何请求添加像
Access-Control-Allow-Origin:
这样的标头,因为实现在 npm 包中。
Any guidance is appreciated.任何指导表示赞赏。 Thanks.
谢谢。
Currently you cannot use the Azure Key Vault REST API from a browser side web application due to the CORS limitations.由于 CORS 限制,目前无法从浏览器端 Web 应用程序使用Azure Key Vault REST API。
There is request on Azure Key Vault Feedback site already to add CORS support, that you can up-vote. Azure Key Vault 反馈站点上已经请求添加 CORS 支持,您可以投票支持。
As a workaround you can create a small web application that runs on the server and proxies your request to the Key Vault.作为一种解决方法,您可以创建一个在服务器上运行的小型 Web 应用程序,并将您的请求代理到 Key Vault。 I've created a small PHP app for this that I will share on GitHub soon.
我为此创建了一个小型 PHP 应用程序,我将很快在 GitHub 上分享。 (I will update the post with the link.)
(我会用链接更新帖子。)
The sample you linked is a Node.js app that can run as an app but not within a browser.您链接的示例是一个 Node.js 应用程序,它可以作为应用程序运行,但不能在浏览器中运行。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.