[英]Python flask-cors ImportError: No module named 'flask-cors' Raspberry pi
[英]Python Flask-cors not returning back any of the cors headers in response
我正在使用Flask-Cors==3.0.3
這是我為應用設置的方式,其中前端位於apache上的localhost:9000
上,后端位於localhost:8080
:
app = Flask(_name_, template_folder="www/templates", static_folder ="www/static" )
app.config['API_UPLOAD_FOLDER'] = config.API_UPLOAD_FOLDER
app.config['SMOKE_UPLOAD_FOLDER'] = config.SMOKE_UPLOAD_FOLDER
app.config['MONGODB_SETTINGS'] = {
'db': config.MONGO_DBNAME,
'host': config.MONGO_URI
}
app.config['CORS_HEADERS'] = 'Content-Type, auth'
app.config['CORS_RESOURCES'] = {r"/apis/*":{"origins":"http://localhost:9000"}}
app.config['CORS_METHODS'] = "GET,POST,OPTIONS"
app.config['CORS_SUPPORTS_CREDENTIALS'] = True
CORS(app)
我的要求是這樣的:
OPTIONS /apis/register HTTP/1.1
Host: localhost:8080
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:57.0) Gecko/20100101 Firefox/57.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://localhost:9000
Connection: close
響應是:
HTTP/1.1 200 OK
Server: nginx/1.10.1 (Ubuntu)
Date: Tue, 02 Jan 2018 08:52:29 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: close
Allow: POST, OPTIONS
我也嘗試用這種方式代替上面的方法,結果仍然是相同的...響應中沒有CORS標頭:(
Cors = CORS(app, resources={r"/apis/*": {"origins": "localhost:9000"}}, supports_credentials=True, methods="GET, POST, OPTIONS", allow_headers="Content-type, auth")
我在這里做錯什么了嗎? 正在嘗試通過更改此內容進行更多操作:
app.config['CORS_HEADERS'] = 'Content-Type, auth'
app.config['CORS_RESOURCES'] = {r"/apis/*":{"origins":"http://localhost:9000"}}
app.config['CORS_METHODS'] = "GET,POST,OPTIONS"
app.config['CORS_SUPPORTS_CREDENTIALS'] = True
對此:
app.config['CORS_HEADERS'] = ['Content-Type, auth']
app.config['CORS_RESOURCES'] = {r"/apis/*":{"origins":"http://localhost:9000"}}
app.config['CORS_METHODS'] = ["GET,POST,OPTIONS"]
app.config['CORS_SUPPORTS_CREDENTIALS'] = True
但結果相同:(
似乎有效的方法是使用裝飾器而不是像這樣的全局應用程序級別設置:
@cross_origin(supports_credentials=True, methods=["GET, POST, OPTIONS"], headers=["content-type, auth"])
在flask-cors的源代碼中有一條注釋:
“如果起源中有通配符,即使'send_wildcard'為False,也只需發送通配符。除非support_credentials為True,否則該規范禁止這樣做。”
它們參考此處的規范: http : //www.w3.org/TR/cors/#resource-requests ,其中明確指出“注意:字符串“ *”不能用於支持憑據的資源。“
因此,解決方案似乎是不使用通配符起源。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.