stackoom
  简体   繁体   中英

Node Js Request header field Access-Control-Allow-Origin is not allowed by Access-Control-Allow-Headers in preflight response

 原文  2018-07-16 07:37:04       node.js/ google-cloud-endpoints

Question

After adding custom header(named as 'RBR') in node API and hosting as Google Endpoint in Flex Environment,getting CORS error. This node API called from Angular code. We have hosted both Angular and Node code as Google Flex Environment. API has three parameters two header value and one body value. 1.Authorization (ie OAuth JWT token) 2. RBR (we have custom repository for Authorization) 3. body value - Json type.

In the openapi.yaml file we have added below lines for CORS issue. 

x-google-endpoints:
    - name: "backend-dot-sanm-gcp-kafka-shipping-dev.appspot.com"
    allowCors: "true"

In node js we have added below code for CORS issue. 

app.use((req, res, next) => {
  res.header("Access-Control-Allow-Origin", "*");
  res.header("Access-Control-Allow-Headers",
    "Access-Control-Allow-Headers,Origin,Accept,X-Requested-With,Content-Type,Access-Control-Request-Method,Access-Control-Request-Headers,authorization,rbr");
  if (req.headers.origin) {
    res.header('Access-Control-Allow-Origin', req.headers.origin);
  }
  if (req.method === 'OPTIONS') {
    res.header("Access-Control-Allow-Methods", "GET, POST, PUT, PATCH, DELETE");
    return res.status(200).json({});
  }
  res.setHeader('Access-Control-Allow-Credentials', true);
  next();
});

2 answers

solution1
 1 ACCPTED  2018-07-20 14:00:20

Below are the steps to solve this CORS issue in NodeJs+Google Flex Environment,

  1. Update your middleware code 

      app.use((req, res, next) => { res.header("Access-Control-Allow-Origin", "*"); res.header("Access-Control-Allow-Headers", "Origin, X-Requeted-With, Content-Type, Accept, Authorization, RBR"); if (req.headers.origin) { res.header('Access-Control-Allow-Origin', req.headers.origin); } if (req.method === 'OPTIONS') { res.header("Access-Control-Allow-Methods", "GET, POST, PUT, PATCH, DELETE"); return res.status(200).json({}); } next(); });

  2. In the app.yaml 

handlers:
    - url: /
      static_dir: /
      http_headers:
        Access-Control-Allow-Origin: '*'

solution2
 0  2018-07-16 08:18:11

Try this:

1.In terminal: npm i cors --save

2.In you code: 

app.use(cors());
app.options('*', cors());

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Node JS - CORS - Request header field Authorization is not allowed by Access-Control-Allow-Headers in preflight response Request header field Authorization is not allowed by Access-Control-Allow-Headers in preflight response. (node, react, axios) Angularjs Request header field Access-Control-Allow-Headers is not allowed by Access-Control-Allow-Headers in preflight response allowing options method with restify - Request header field Authorization is not allowed by Access-Control-Allow-Headers in preflight response Request header field authentication is not allowed by Access-Control-Allow-Headers in preflight response Request header field content-type is not allowed by Access-Control-Allow-Headers in preflight response CORS error :Request header field Authorization is not allowed by Access-Control-Allow-Headers in preflight response Request header field ack is not allowed by Access-Control-Allow-Headers in preflight response even the server already allowing it NodeJS + ExpressJS: Request header field not allowed by Access-Control-Allow-Headers in preflight response AWS API Gateway returns access-control-allow-origin is not allowed by Access-Control-Allow-Headers in preflight response
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM