[英]Node.js server gives Cross-Origin Request Blocked
我的Node.js服務器代碼正在AWS實例上運行。 它看起來像這樣:
var express = require('express'); var http = require('http'); var bodyParser = require('body-parser'); var logger = require('morgan'); var cors = require('cors'); var SuperLogin = require('superlogin'); var app = express(); app.set('port', process.env.PORT || 3000); app.use(logger('dev')); app.use(bodyParser.json()); app.use(bodyParser.urlencoded({ extended: false })); app.use(cors()); app.use(function(req, res, next) { res.header("Access-Control-Allow-Origin", "*"); res.header('Access-Control-Allow-Methods', 'DELETE, PUT'); res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept"); next(); }); var config = { dbServer: { protocol: 'http://', host: 'localhost:5984', user: '', password: '', userDB: 'sl-users', couchAuthDB: '_users' }, mailer: { fromEmail: 'gmail.user@gmail.com', options: { service: 'Gmail', auth: { user: 'gmail.user@gmail.com', pass: 'userpass' } } }, security: { maxFailedLogins: 3, lockoutTime: 600, tokenLife: 86400, loginOnRegistration: true, }, userDBs: { defaultDBs: { private: ['supertest'] } }, providers: { local: true } } // Initialize SuperLogin var superlogin = new SuperLogin(config); // Mount SuperLogin's routes to our app app.use('/auth', superlogin.router); app.listen(app.get('port')); console.log("App listening on " + app.get('port'));
我正在使用離子2應用程序,使PUT調用運行在端口3000上的Node.js服務器。當在我的筆記本電腦上的瀏覽器中運行應用程序時(使用ionic serve
),PUT調用給出了CORS錯誤:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading
the remote resource at http://ec2-xx-xxx-xx-4xx.eu-central-1.compute.amazonaws.com/auth/login.
(Reason: CORS header ‘Access-Control-Allow-Origin’ missing).
據我所知,服務器代碼設置為允許所有來源,但我仍然收到此錯誤。
這是因為預檢被觸發,這意味着OPTIONS請求將到達您的服務器。 正如@johannes merz在您的問題評論中指出的那樣,MDN在此描述中對此進行了很好的解釋。
您可以通過以下代碼來指示您的服務器接受它:
app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header('Access-Control-Allow-Methods', 'DELETE, PUT');
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
if ('OPTIONS' == req.method) {
res.sendStatus(200);
}
else {
next();
}});
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.