Express和CORS的问题
[英]Problems with express and CORS
问题描述
I am running a nodejs script with express. 
我正在用express运行nodejs脚本。 I have read the documentation but I can't make CROS requests still. 我已经阅读了文档,但仍然无法发出CROS请求。 I am running a web server to show how it is not working: http://a56f1bae.ngrok.io/ 我正在运行一个Web服务器,以显示其如何工作: http : //a56f1bae.ngrok.io/
I really do not know why it is not working, it is almost exactly as it is in the documentation. 我真的不知道为什么它不起作用,它几乎与文档中的一样。
Here is my script if that helps: 这是我的脚本,如果有帮助的话:
var express = require('express');
var app = express();
app.use(function(req, res, next) {
res.header('Access-Control-Allow-Origin', "*");
res.header('Access-Control-Allow-Methods','GET,PUT,POST,DELETE');
res.header('Access-Control-Allow-Headers', 'Content-Type');
next();
})
app.get('*', function (req, res) {
res.send(html);
});
app.listen(3000, function () {
console.log('Server running on port 3000');
});
var html = `
<html>
<head>
<script>
var url = 'https://suggestqueries.google.com/complete/search?output=firefox&hl=en&q=test';
var request = new XMLHttpRequest();
if('withCredentials' in request) {
// Firefox 3.5 and Safari 4
try{
request.open('GET', url, false);
request.send();
document.write('It is doing fine!');
} catch (err){
document.write(err)
}
} else if (XDomainRequest) {
// IE8
try{
var xdr = new XDomainRequest();
xdr.open('get', url);
xdr.send();
document.write('It is doing fine!');
} catch (err){
document.write(err)
}
// handle XDR responses -- not shown here :-)
}
</script>
</head>
</html>
`;
Thank you so much and sorry if my question is obviously. 非常感谢您,如果我的问题很明显,对不起。
1 个解决方案
解决方案1
1 已采纳 2018-08-05 13:30:14
I think you have a conceptual problem. 我认为您有一个概念上的问题。
You have to set cors header to the SERVER not the CLIENT. 您必须将cors标头设置为SERVER而不是CLIENT。
You want to access suggestqueries.google.com from localhost:3000 . 您要从localhost:3000访问suggestqueries.google.com 。 That means in this case the server is Server is google.com or I guess google API . 这意味着在这种情况下,服务器是Server或google API 。 That means you need to set the cors there, in the google api. 这意味着您需要在google API中在那里设置cors。
If let's say you had an app running in localhost:someport and access localhost:3000 which may serve as api service, then you needed to add cors to your Express app. 如果假设您有一个运行在localhost:someport的应用程序,并且访问了localhost:3000 (可以用作api服务),则需要将cors添加到Express应用程序中。 Because then it would have been your SERVER. 因为那样的话它将是您的SERVER。
Check this out: https://developers.google.com/api-client-library/javascript/features/cors 检查一下: https : //developers.google.com/api-client-library/javascript/features/cors
Note: For development purpose you can disable same origin policy in chrome. 注意:出于开发目的,您可以在Chrome中禁用相同的来源策略。 refer here on how to do that: Disable same origin policy in Chrome 请参阅此处有关如何执行的操作: 在Chrome中禁用相同的来源策略
Edit: A workaround 编辑:一种解决方法
As there are very little docs for google suggest, You can use jsonp to overcome the cors issue. 由于Google建议的文档很少,因此您可以使用jsonp来克服cors问题。 check: JavaScript XMLHttpRequest using JsonP 检查: 使用JsonP的JavaScript XMLHttpRequest
Instead using XMLHttpRequest try using the jsonp function created by @paul 而是使用XMLHttpRequest尝试使用@paul创建的jsonp函数
function jsonp(url, callback) { var callbackName = 'jsonp_callback_' + Math.round(100000 * Math.random()); window[callbackName] = function(data) { delete window[callbackName]; document.body.removeChild(script); callback(data); }; var script = document.createElement('script'); script.src = url + (url.indexOf('?') >= 0 ? '&' : '?') + 'callback=' + callbackName; document.body.appendChild(script); } jsonp('http://www.helloword.com', function(data) { alert(data); });
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.