如何使用凭证修复CORS错误:包含?
[英]How to fix CORS error with credentials: include?
问题描述
Another question about CORS, I looked through a lot of information, but couldn't do anything. 
关于CORS的另一个问题,我浏览了很多信息,但无能为力。 So I will be grateful for the help. 因此,我将感谢您的帮助。
I am sending a fetch request with credentials enabled. 我正在发送启用了凭据的获取请求。 What the browser regularly swears on at Access-Control-Allow-Credentials. 浏览器在“访问控制权限”凭据上经常发誓的内容。 I tried to configure a proxy, but it also does not work with it. 我尝试配置代理,但它也无法使用。 So I need to add Access-Control-Allow-Credentials in response settings on the server. 因此,我需要在服务器上的响应设置中添加Access-Control-Allow-Credentials。 But I don't realize how. 但是我不知道如何。
I'm using create-react-app. 我正在使用create-react-app。 There is not even a file with the familiar server code 甚至没有包含熟悉的服务器代码的文件
error: 错误:
The value of the 'Access-Control-Allow-Credentials' header in the response is ''
which must be 'true' when the request's credentials mode is 'include'
Response headers: 响应头:
access-control-allow-origin: http://localhost:3000
Request headers: 请求标头:
WARNING Provisional headers are shown
Access-Control-Request-Headers: access-control-allow-credentials,access-control-allow-origin
Access-Control-Request-Method: GET
Origin: http://localhost:3000
Referer: http://localhost:3000/
3 个解决方案
解决方案1
2 2019-07-25 17:07:57
Hi use the following code in your server.js or app.js in node. 嗨,在您的server.js或node中的app.js中使用以下代码。
var express = require('express');
var cors = require('cors');
var app = express();
app.use(cors());
app.all('*', function (req, res) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Content-Type,Content-Length, Authorization, Accept,X-Requested-With");
res.header("Access-Control-Allow-Methods", "PUT,POST,GET,DELETE,OPTIONS");```
解决方案2
1 2019-07-25 17:14:48
If your backend is using Express, try to add this piece of code below: 如果您的后端使用的是Express,请尝试在下面添加以下代码:
app.use(function(req, res, next) {
res.header('Access-Control-Allow-Origin', '*');
res.header('Access-Control-Allow-Credentials', true);
res.header(
'Access-Control-Allow-Headers',
'Origin, X-Requested-With, Content-Type, Accept'
);
next();
});
Another solution, you can use cors module, just basically install it: 另一个解决方案,您可以使用cors模块,只需基本安装即可:
npm install cors --save
And add this code in your server: 并将以下代码添加到您的服务器中:
var express = require('express');
var cors = require('cors');
var app = express();
app.use(cors());
解决方案3
0 2019-07-25 17:15:27
Since you're using create-react-app the easiest thing to do is to use a proxy so that the request looks like it is coming from the same domain and avoid CORS altogether. 由于您使用的是create-react-app,因此最简单的方法是使用代理,以便请求看起来像是来自同一域,并且完全避免了CORS。 Assuming your backend server will be on the same host, this is actually closer to production as well. 假设您的后端服务器将位于同一主机上,那么实际上这也更接近于生产。
Webpack has a clean way to do this. Webpack有一个干净的方法可以做到这一点。 See this blog by facebook: https://facebook.github.io/create-react-app/docs/proxying-api-requests-in-development 通过Facebook查看此博客: https : //facebook.github.io/create-react-app/docs/proxying-api-requests-in-development
This has gotten incredibly easy to do now. 现在,这已经变得非常容易。 All you need to do is add a proxy field to your package.json. 您需要做的就是将一个proxy字段添加到package.json中。 For example - 例如 -
"proxy": "http://localhost:4000",
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.