本地主机上的Socket.io + Express CORS错误(Access-Control-Allow-Origin不允许)
[英]Socket.io + Express CORS Error on localhost (not allowed by Access-Control-Allow-Origin)
问题描述
I have a working node.js Express server to which I would to add socket.io support (allow javascript clients to connect via socket.io). 
我有一个工作的node.js Express服务器,我要向其中添加socket.io支持(允许javascript客户端通过socket.io连接)。 I can connect to the express server via a Javascript $.get(), but the socket.io.connect() command fails due to a CORS error. 我可以通过Javascript $ .get()连接到Express Server,但是由于CORS错误,socket.io.connect()命令失败。
My testing machine is OSX with Apache to serve the client, thus port 80 is taken, so I have node.js/express running on port 8888. I added socket.io per the documentation: 我的测试机器是带有Apache的OSX,可以为客户端提供服务,因此使用了端口80,因此我在端口8888上运行了node.js / express。我根据文档添加了socket.io:
var exp = express();
var server = require('http').createServer(api.server);
exp.listen(8888);
var io = require('socket.io').listen(server);
io.sockets.on('connection', function(socket) {
console.log('connection');
});
I properly see "info: socket.io started" in my node.js logs. 我在node.js日志中正确看到“ info:socket.io starts”。
Then, on the client, I attempt to connect to the server... 然后,在客户端上,我尝试连接到服务器...
this.socket = io.connect('http://localhost:8888');
this.socket.on('connect',function() {
socket.emit('install','test');
});
However, I'm getting a CORS error in the console in Chrome: 但是,我在Chrome的控制台中收到CORS错误:
XMLHttpRequest cannot load http://localhost:8888/socket.io/1/?t=1358715637192. Origin http://localhost is not allowed by Access-Control-Allow-Origin.
HOWEVER, THIS works fine! 但是,这很好用!
$.get('http://localhost:8888',function(e,d){
console.log(e,d);
});
So I double checked my headers, for both localhost:8888 and localhost -- both are properly returning the headers which (should) allow for the cross-domain requests... 所以我仔细检查了localhost:8888和localhost的标头-两者都正确返回了(应该)允许跨域请求的标头...
Access-Control-Allow-Origin: * 访问控制允许来源:*
Any ideas? 有任何想法吗?
1 个解决方案
解决方案1
0 2013-01-20 22:01:40
CORS is a very tricking thing to get working (or at least it was for me). CORS是一件很棘手的事情(或者至少对我而言)。 I recommend this resource here: http://enable-cors.org/ 我在这里推荐此资源: http : //enable-cors.org/
Following what they do very carefully helped me. 按照他们的所作所为非常认真地帮助了我。 I also found that different browsers gave different visibility over the CORS request/responses which helped. 我还发现,不同的浏览器对CORS请求/响应具有不同的可见性,这有所帮助。
I found that Chrome was easier to get working than firefox, but firefoxes tools such as firebug, were quite nice to work with. 我发现Chrome比firefox更易于使用,但是使用firebug等firefoxes工具非常不错。
My gut feel from your information is that you might need your request to have an X-Request-With in your request attributes. 根据您的信息,我的直觉是您可能需要您的请求在请求属性中包含X-Request-With。
I also found using fidler to send the http requests allowed me to narrow my problems down to the server side initially and get that working. 我还发现使用fidler发送http请求可以使我最初将问题缩小到服务器端并使之正常工作。 You will find browser enforce CORS, but something like fidler doesn't and thus provides another way of inspecting what is happening. 您会发现浏览器强制执行CORS,但诸如fidler之类的功能却没有,因此提供了另一种检查正在发生的情况的方法。
I definately recommend trying to break the problem in half so that you can see if it is server side or client side that is not behaving how you expect. 我绝对建议尝试将问题分解成两半,以便查看服务器端或客户端是否不符合预期。
My problem was related to returning the same CORS response for the OPTIONS header as the POST or GET. 我的问题与对OPTIONS标头返回与POST或GET相同的CORS响应有关。 That was wrong. 错了 Chrome allowed it. Chrome允许使用。 Firefox didnt. Firefox没有。 Any options request that is sent out will be sent out once, then in the future it will be cached and not resent (Which caused alot of confusion for me initially). 发送的所有选项请求都将被发送一次,然后在将来将被缓存而不重新发送(这最初对我造成了很多混乱)。 For the options request you just need a standard response saying its ok to proceed, then in the post or get response i believe you want your cors responses there only. 对于选项请求,您只需要一个标准答复,说可以继续进行,然后在帖子中或得到答复,我相信您只希望您的cors答复在那里。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.