[英]Handling CORS when developing from localhost using REST APIs - Streamlabs API
I'm sure this question will get flagged in some manner, however hours of searching has prompted no usable information.我确信这个问题会以某种方式被标记,但是数小时的搜索没有提示任何可用的信息。
Many projects require me to use various APIs.许多项目需要我使用各种 API。 The current project uses the Twitch and Streamlabs API.
当前项目使用 Twitch 和 Streamlabs API。 When trying to access the /authorize endpoints, I'm hit with a CORS policy restriction.
在尝试访问 /authorize 端点时,我遇到了 CORS 策略限制。 This is because my referer/origin is localhost.
这是因为我的引用者/来源是本地主机。
My question lies in how others set up their environment for this not to be an issue.我的问题在于其他人如何设置他们的环境以使其不成为问题。 I understand why CORS is blocking me (to an extent), but what I don't understand is how I'm expected to work away from my production server if
localhost
has a blanket restriction.我明白为什么 CORS 会阻止我(在某种程度上),但我不明白的是,如果
localhost
有全面限制,我应该如何远离生产服务器工作。
I have as well tried manipulating headers in fetch as well as using [no-cors]
, but no avail here either.我也尝试过在 fetch 中操作标头以及使用
[no-cors]
,但在这里也无济于事。 Any ideas?有任何想法吗?
// Starts authorization
getAuth() {
const data = fetch (`https://streamlabs.com/api/v1.0/authorize?client_id=${clientID}&response_type=code&redirect_uri=https%3A%2F%2Ftwitchinstudios.com&scope=donations.create%20donations.read%20alerts.write`, {
headers: {
"Origin" : "https://twitchinstudios.com",
"Referer" : "https://twitchinstudios.com"
},
mode: 'no-cors'});
const code = data.json.code;
console.log(code);
// Post to /token endpoint
const tokenCall = fetch (`https://streamlabs.com/api/v1.0/token?grant_type=authorization_token&client_id=knOhuT74QrSn8h1m8tU8ucrFfVIfUuVpll71ErbI&client_secret=${clientSecret}&redirect_uri=https%3A%2F%2Ftwitchinstudios.com&code=${code}`, {
method: 'POST',
mode: 'no-cors'
})
Here is the documentation for their API as well: https://dev.streamlabs.com/reference这里也是他们 API 的文档: https : //dev.streamlabs.com/reference
This is not a CORS issue, nor an API issue.这不是 CORS 问题,也不是 API 问题。 It was an issue in my understanding.
这是我理解的一个问题。
For anyone stumbling upon this, check for any Allow-Access headers being passed, and if none are being passed, you're not meant to access it from the web page level.对于任何遇到此问题的人,请检查是否传递了任何 Allow-Access 标头,如果没有传递,则您不打算从网页级别访问它。
Instead, allowing my node server to handle the request allowed me access.相反,允许我的节点服务器处理请求允许我访问。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.