离子带导轨的CORS问题

Question

我正在尝试使用ionic和backend作为Rails的示例项目。 当我使用离子服务启动离子服务器并提交我的样品表格时

XMLHttpRequest cannot load http://localhost:3000/signup. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8100' is therefore not allowed access. The response had HTTP status code 404.

尝试了一些我在google中获得的答案，但是却找不到。 以下是我的app.js代码index.html和ionic.project文件代码。

angular.module('starter', ['ionic'])

.run(function($ionicPlatform) {
  $ionicPlatform.ready(function() {
    if(window.cordova && window.cordova.plugins.Keyboard) {
      cordova.plugins.Keyboard.hideKeyboardAccessoryBar(true);
      cordova.plugins.Keyboard.disableScroll(true);
    }
    if(window.StatusBar) {
      StatusBar.styleDefault();
    }
  });
})

.constant('ApiEndpoint',  'http://localhost:3000/')

.config(function($stateProvider, $urlRouterProvider) {
  $stateProvider
  .state('signUp',{
    cache: false,
    url: "/signUp",
    templateUrl: "templates/signUp.html",
    controller: 'ExampleCtrl'
  }) 

  $urlRouterProvider.otherwise("/signUp");
})

.controller('ExampleCtrl', ['$scope','$http','ApiEndpoint', function ($scope, $http, ApiEndpoint) {

  $scope.registrationForm = {};

  $scope.signUp = function(){
    console.log($scope.registrationForm);
    console.log(ApiEndpoint);
     $http.post(ApiEndpoint + "signup", {a: 1}).then(function(result){
       console.log(result);
       $scope.registrationForm = {};
     }, function(error){
       console.log(error);
       $scope.registrationForm = {};
     })
  }
}])


<!DOCTYPE html>
<html>
  <head>
    <meta charset="utf-8">
    <meta name="viewport" content="initial-scale=1, maximum-scale=1, user-scalable=no, width=device-width">
    <meta http-equiv="Content-Security-Policy" content="default-src *; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'">
    <title></title>

    <link href="lib/ionic/css/ionic.css" rel="stylesheet">
    <link href="css/style.css" rel="stylesheet">

    <!-- IF using Sass (run gulp sass first), then uncomment below and remove the CSS includes above
    <link href="css/ionic.app.css" rel="stylesheet">
    -->

    <!-- ionic/angularjs js -->
    <script src="lib/ionic/js/ionic.bundle.js"></script>

    <!-- cordova script (this will be a 404 during development) -->
    <script src="cordova.js"></script>

    <!-- your app's js -->
    <script src="js/app.js"></script>
  </head>
  <body ng-app="starter" animation="slide-left-right-ios7">
    <ion-pane>
      <ion-nav-bar class="nav-title-slide-ios7 bar-stable">
        <ion-nav-back-button></ion-nav-back-button>
      </ion-nav-bar>
      <ion-nav-view>
      </ion-nav-view>
    </ion-pane>
  </body>

</html>

{
  "name": "kranthi_web",
  "app_id": "",
  "proxies": [
    {
      "path": "/api",
      "proxyUrl": "http:localhost:3000/"
    }
  ]
}

有人可以告诉我我在哪里做错了吗

Answer 1

CORS（跨源资源共享）策略旨在防止对不同域资产的XML请求。

基本上，如果要通过XML向其他域/服务器请求资源，则需要确保在该服务器上具有相应的CORS策略来处理它。

---

默认情况下，Rails阻止响应任何外部XML请求。 解决该问题的唯一方法是允许您通过自己的CORS策略使用该资源。

rack-cors ， rack-cors宝石是最好的：

#config/application.rb
# ...

config.middleware.insert_before 0, "Rack::Cors" do
  allow do
    origins '*'
    resource '*', :headers => :any, :methods => [:get, :post, :options]
  end
end

如果为您的域（IE本地主机或其他）设置了以上内容，则应该能够从前端JS访问后端。

...并记住，使用Angular /其他JS类型框架，您将每次都发送XML请求。

Answer 2

在基本控制器中，应提供Access-Control-Allow-Origin标头。

   class Api::BaseController < ActionController::Base

      before_action :cors_preflight_check
      after_action :cors_set_access_control_headers

      protected

      def cors_preflight_check
        if request.method == 'OPTIONS'
          headers['Access-Control-Allow-Origin'] = '*'
          # ...
        end
      end

      def cors_set_access_control_headers
        headers['Access-Control-Allow-Origin'] = '*'
        # ...
      end
    end