服务器无法使用从 Electron 应用程序发送的应用程序/xml 请求
[英]Server cannot consume application/xml request sent from Electron application
问题描述
I have a Javascript application generating an XML and sending it to a REST API.
我有一个 Javascript 应用程序生成 XML 并将其发送到 REST API。 The API is expecting content type: application/xml. API 需要内容类型:application/xml。 I have tried to attach the XML to the requests in different formats:我尝试将 XML 附加到不同格式的请求中:
import {create} from 'xmlbuilder2';
const rawXML = '<?xml version="1.0" encoding="UTF-8"?><TokenExchangeRequest xmlns="http://schemas.nav.gov.hu/OSA/2.0/api"><header><requestId>202003201315421</requestId><timestamp>2020-03-20T13:15:42.941Z</timestamp><requestVersion>2.0</requestVersion><headerVersion>1.0</headerVersion></header><user><login>vbdznuownd8murm</login><passwordHash>D6CD2AF6CD5912B800EC3050477E788C84804800A0235E93C7B47A436FD730504BFC979F44EB4C745F2968FE35772E1193F95BDC8DDFDC998A18C7E9E9718F28</passwordHash><taxNumber>66604093</taxNumber><requestSignature>EE265DA5AC4ADA7BBAD2D15581AA230CE50C90D9B7075814866BD43E92B30BCC0E52BA8355E0A09AB38F33D5EF7B502983ACBC5E42532C5EB8479BFDE5031AD2</requestSignature></user><software><softwareId>123456789123456789</softwareId><softwareName>placeholder</softwareName><softwareOperation>LOCAL_SOFTWARE</softwareOperation><softwareMainVersion>placeholder</softwareMainVersion><softwareDevName>placeholder</softwareDevName><softwareDevContact>placeholder</softwareDevContact><softwareDevCountryCode>HU</softwareDevCountryCode><softwareDevTaxNumber>placeholder</softwareDevTaxNumber></software></TokenExchangeRequest>'
let parser = new DOMParser();
let parserXML = parser.parseFromString(rawXML, "application/xml");
let xmlbuilderXML = create(rawXML);
fetch('https://api-test.onlineszamla.nav.gov.hu/invoiceService/v2/tokenExchange', {
method: 'POST', // *GET, POST, PUT, DELETE, etc.
mode: 'no-cors', // no-cors, *cors, same-origin
cache: 'no-cache', // *default, no-cache, reload, force-cache, only-if-cached
credentials: 'same-origin', // include, *same-origin, omit
headers: {
'Content-Type': 'application/xml',
'accept': 'application/xml'
// 'Content-Type': 'application/x-www-form-urlencoded',
},
redirect: 'follow', // manual, *follow, error
referrerPolicy: 'no-referrer', // no-referrer, *client
body: rawXML // body data type must match "Content-Type" header
});
The response I get:我得到的回应:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><GeneralExceptionResponse xmlns="http://schemas.nav.gov.hu/OSA/2.0/api" xmlns:ns2="http://schemas.nav.gov.hu/OSA/2.0/data"><funcCode>ERROR</funcCode><errorCode>OPERATION_FAILED</errorCode><message>RESTEASY003065: Cannot consume content type</message></GeneralExceptionResponse>
When I try to make the same call from Postman with the raw string as the xml body, the server can parse it and sends the appropriate response:当我尝试使用原始字符串作为 xml 正文从 Postman 进行相同调用时,服务器可以解析它并发送适当的响应:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<GeneralErrorResponse xmlns="http://schemas.nav.gov.hu/OSA/2.0/api" xmlns:ns2="http://schemas.nav.gov.hu/OSA/2.0/data">
<result>
<funcCode>ERROR</funcCode>
<errorCode>INVALID_REQUEST</errorCode>
<message>Helytelen kérés!</message>
</result>
<technicalValidationMessages>
<validationResultCode>ERROR</validationResultCode>
<validationErrorCode>SCHEMA_VIOLATION</validationErrorCode>
<message>Request body contains error: [cvc-pattern-valid: Value 'login' is not facet-valid with respect to pattern '[a-zA-Z0-9]{6,15}' for type 'LoginType'.]</message>
</technicalValidationMessages>
<technicalValidationMessages>
<validationResultCode>ERROR</validationResultCode>
<validationErrorCode>SCHEMA_VIOLATION</validationErrorCode>
<message>Field [login] contains error: [cvc-type.3.1.3: The value 'login' of element 'login' is not valid.]</message>
</technicalValidationMessages>
<technicalValidationMessages>
<validationResultCode>ERROR</validationResultCode>
<validationErrorCode>SCHEMA_VIOLATION</validationErrorCode>
<message>Request body contains error: [cvc-pattern-valid: Value '' is not facet-valid with respect to pattern '[0-9A-F]{128}' for type 'Sha512HashType'.]</message>
</technicalValidationMessages>
<technicalValidationMessages>
<validationResultCode>ERROR</validationResultCode>
<validationErrorCode>SCHEMA_VIOLATION</validationErrorCode>
<message>Field [passwordHash] contains error: [cvc-type.3.1.3: The value '' of element 'passwordHash' is not valid.]</message>
</technicalValidationMessages>
<technicalValidationMessages>
<validationResultCode>ERROR</validationResultCode>
<validationErrorCode>SCHEMA_VIOLATION</validationErrorCode>
<message>Request body contains error: [cvc-pattern-valid: Value '' is not facet-valid with respect to pattern '[0-9A-F]{128}' for type 'Sha512HashType'.]</message>
</technicalValidationMessages>
<technicalValidationMessages>
<validationResultCode>ERROR</validationResultCode>
<validationErrorCode>SCHEMA_VIOLATION</validationErrorCode>
<message>Field [requestSignature] contains error: [cvc-type.3.1.3: The value '' of element 'requestSignature' is not valid.]</message>
</technicalValidationMessages>
</GeneralErrorResponse>
Here the ERROR means that the server has PARSED the xml and has determined that the data INSIDE the XML in insufficient.这里的 ERROR 意味着服务器已经解析了 xml 并确定 XML 中的数据不足。 This is because a proper request would contain sensitive data, which I will not share for obvious reasons.这是因为正确的请求会包含敏感数据,出于显而易见的原因,我不会分享这些数据。
Postman collection:邮递员收藏:
{
"info": {
"_postman_id": "9e2f2870-d35b-45b0-8d35-a81d190a8679",
"name": "NAV",
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
},
"item": [
{
"name": "tokenExchange",
"request": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"name": "Content-Type",
"value": "application/xml",
"type": "text"
},
{
"key": "accept",
"value": "application/xml",
"type": "text"
}
],
"body": {
"mode": "raw",
"raw": "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<TokenExchangeRequest xmlns=\"http://schemas.nav.gov.hu/OSA/2.0/api\">\n <header>\n <requestId>202003201315421</requestId>\n <timestamp>2020-03-20T13:15:42.941Z</timestamp>\n <requestVersion>2.0</requestVersion>\n <headerVersion>1.0</headerVersion>\n </header>\n <user>\n <login>login</login>\n <passwordHash></passwordHash>\n <taxNumber>12345678</taxNumber>\n <requestSignature></requestSignature>\n </user>\n <software>\n <softwareId>123456789123456789</softwareId>\n <softwareName>placeholder</softwareName>\n <softwareOperation>LOCAL_SOFTWARE</softwareOperation>\n <softwareMainVersion>placeholder</softwareMainVersion>\n <softwareDevName>placeholder</softwareDevName>\n <softwareDevContact>placeholder</softwareDevContact>\n <softwareDevCountryCode>HU</softwareDevCountryCode>\n <softwareDevTaxNumber>placeholder</softwareDevTaxNumber>\n </software>\n</TokenExchangeRequest>",
"options": {
"raw": {
"language": "xml"
}
}
},
"url": {
"raw": "https://api-test.onlineszamla.nav.gov.hu/invoiceService/v2/tokenExchange",
"protocol": "https",
"host": [
"api-test",
"onlineszamla",
"nav",
"gov",
"hu"
],
"path": [
"invoiceService",
"v2",
"tokenExchange"
]
}
},
"response": []
}
],
"protocolProfileBehavior": {}
}
How should I attach the XML to the request in code?我应该如何将 XML 附加到代码中的请求?
EDIT:编辑:
The response if I take out "mode: cors" from the request header:如果我从请求标头中取出“mode:cors”,则响应:
<html><head><meta http-equiv='content-type' content='text/html;charset=utf-8'><title>400 Bad Request</title></head><body text=#000000 bgcolor=#ffffff><H1>400 Bad Request</H1></BR>An HTTP protocol violation was detected and your request was denied.</BR>SessionID: aZYz1fRA::02<BR>Date: 2020-03-20 09:05:33</body></html>
And the console:和控制台:
Failed to load https://api-test.onlineszamla.nav.gov.hu/invoiceService/v2/tokenExchange: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:9080' is therefore not allowed access. The response had HTTP status code 400. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
2 个解决方案
解决方案1
1 2020-03-25 09:05:45
First of all you have to remove no-cors , because application/xml is not allowed in no-cors .首先,您必须删除no-cors ,因为no-cors不允许使用application/xml 。 ( read more ) ( 阅读更多)
To solve the solution you have to config (reconfig) the back-end to accept such a request.要解决该解决方案,您必须配置(重新配置)后端以接受此类请求。 Here you can find an example for Node.js.您可以在此处找到 Node.js 的示例。
解决方案2
0 已采纳 2020-03-25 19:50:40
I have managed to fix the problem.我已经设法解决了这个问题。 It was more specific to the project than I thought.它比我想象的更针对项目。 This is an Electron application.这是一个电子应用程序。 I have turned off web security on the main window, and now it works properly.我在主窗口上关闭了网络安全,现在它可以正常工作了。 @Evert helped me come to this conclusion in comments. @Evert 帮助我在评论中得出了这个结论。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
无法 package electron 应用 - Cannot package electron application
从HTML5应用程序中的XML文件中获取数据? - Consume data from XML file in an HTML5 application?
从 Electron 应用程序打印 - Print from an Electron application
电子应用找不到松鼠 - Electron Application Cannot find Squirrel
无法使用电子应用程序从服务器获取/读取cookie - Unable to get/read cookies from the server using electron application
是否可以在从外部 Web 服务器加载的 Web 应用程序中使用 Electron? - Is it possible to use Electron in web application loaded from external web server?
从电子应用程序发送密钥? - Send keys from an electron application?
服务器使用混合应用程序发送事件 - Server Sent Events with Hybrid Application
url 方案:根据要求打开 Windows 应用程序 [Electron] - url scheme: open windows application on request [Electron]
无法在VSCode中调试Electron JS应用程序 - Cannot Debug Electron JS application in VSCode
相关标签