GET 请求从浏览器和邮递员工作,但在 React App 中从本地主机失败,端点是否必须添加访问控制允许来源?
[英]GET request works from browser & Postman but fails from localhost in React App, does the endpoint necessarily have to add access-control-allow-origin?
问题描述
I am working on a project where I was given an endpoint to get some data.
我正在从事一个项目,在该项目中我获得了一个端点来获取一些数据。 I put that endpoint's url in the browser, and I see JSON as expected.我将该端点的 url 放在浏览器中,并且按预期看到了 JSON。 I make the same request in Postman, and I get the expected result.我在 Postman 中提出了同样的请求,我得到了预期的结果。 Then, making the request using fetch or axios from localhost in a React app, when I run the app in the browser I get a:然后,在 React 应用程序中使用来自localhost fetch或axios发出请求,当我在浏览器中运行该应用程序时,我得到:
Access to fetch at ' https://providedurl/path ' from origin ' http://localhost:3000 ' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
I just want to make sure there is nothing I can do about this?我只是想确保我对此无能为力? Is the only solution to have the endpoint be modified to add the Access-Control-Allow-Origin header, or is there something that can be done from the request side?是修改端点以添加Access-Control-Allow-Origin标头的唯一解决方案,还是可以从请求端完成某些操作?
2 个解决方案
解决方案1
1 2019-07-20 15:52:26
CORS (Cross-Origin Resource Sharing) is a way for the server to say “I will accept your request, even though you came from a different origin.” CORS(跨域资源共享)是服务器说“我会接受你的请求,即使你来自不同的来源”的一种方式。 This requires cooperation from the server – so if you can't modify the server (eg if you're using an external API), this approach won't work.这需要服务器的合作——因此如果您无法修改服务器(例如,如果您使用外部 API),则此方法将不起作用。
Modify the server to add the header Access-Control-Allow-Origin: * to enable cross-origin requests from anywhere (or specify a domain instead of *).修改服务器以添加头 Access-Control-Allow-Origin: * 以启用来自任何地方的跨域请求(或指定域而不是 *)。 This should solve your problem.这应该可以解决您的问题。
But you are able to access it in Postman and browsers, if you can disable the CORS in browser level it will work.但是您可以在 Postman 和浏览器中访问它,如果您可以在浏览器级别禁用 CORS,它将起作用。
Disable CORS in Chrome:在 Chrome 中禁用 CORS:
Create a new shortcut for the chrome browser and rename to "anyname(disablecors)"
为chrome浏览器创建一个新的快捷方式并重命名为“anyname(disablecors)”Right click on new created shortcut and select properties
右键单击新创建的快捷方式并选择属性Create a folder in your system with any name(tempchrome).
在您的系统中创建一个任何名称的文件夹(tempchrome)。Select shorcut tab and add target as ""[PATH_TO_CHROME]\\chrome.exe" --disable-web-security --disable-gpu --user-data-dir= "path of the tempchrome""
选择快捷选项卡并将目标添加为 ""[PATH_TO_CHROME]\\chrome.exe" --disable-web-security --disable-gpu --user-data-dir="tempchrome 的路径""Click on apply and save.
单击应用并保存。Open your application in newly created chrome shortcut(disablecors)
在新创建的 chrome 快捷方式(disablecors)中打开您的应用程序
解决方案2
0 2021-01-29 13:34:40
Another quick fix in case you have front end running on port 3000 and backend on 5000 is to apply proxy.如果前端在端口 3000 上运行而后端在 5000 上运行,另一个快速解决方法是应用代理。 It goes like this.它是这样的。 Put in your client package the following above dependencies:将以下依赖项放入您的客户端包中:
"proxy": "http://localhost:5000",
Then make the request relative, NOT absolute.然后使请求相对,而不是绝对。 Should work with this setup.应该使用此设置。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.