[英]am I simulating CORS with cURL correctly and do I need to implement OPTIONS request
我對Web服務器開發以及對HTTP標頭的工作方式了解不佳。 我已經讀了很多書,但還是有些困惑。 目前,我正在嘗試使用cURL模擬CORS請求。 (需要用於個人發展)。 為此,我找到了一個用C編寫的簡單REST服務器 (C是我最熟悉的語言)。 代碼實際上位於此處 。 我發現這篇文章解釋了如何模擬CORS。
這是問題所在:
如果我跑步
curl -H "Origin: http://localhost:3000" \
-H "Access-Control-Request-Method: POST" \
-H "Access-Control-Request-Headers: X-Requested-With" \
-X OPTIONS --verbose \
http://localhost:8537/test
請求失敗,並顯示以下響應
* Trying ::1...
* TCP_NODELAY set
* connect to ::1 port 8537 failed: Connection refused
* Trying ::1...
* TCP_NODELAY set
* connect to ::1 port 8537 failed: Connection refused
* Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 8537 (#0)
> OPTIONS /test HTTP/1.1
> Host: localhost:8537
> User-Agent: curl/7.61.1
> Accept: */*
> Origin: http://localhost:3000
> Access-Control-Request-Method: POST
> Access-Control-Request-Headers: X-Request-With
>
< HTTP/1.1 404 Not Found
< Connection: Keep-Alive
< Content-Length: 32
< Access-Control-Allow-Origin: *
< Date: Sat, 12 Jan 2019 02:21:59 GMT
<
* Connection #0 to host localhost left intact
Page not found, do what you want
但是,如果我使用-X POST
而不是-X OPTIONS
運行相同的請求,即
curl -H "Origin: http://localhost:3000" \
-H "Access-Control-Request-Method: POST" \
-H "Access-Control-Request-Headers: X-Requested-With" \
-X POST --verbose \
http://localhost:8537/test
該請求成功,並顯示以下響應:
* Trying ::1...
* TCP_NODELAY set
* connect to ::1 port 8537 failed: Connection refused
* Trying ::1...
* TCP_NODELAY set
* connect to ::1 port 8537 failed: Connection refused
* Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 8537 (#0)
> POST /test HTTP/1.1
> Host: localhost:8537
> User-Agent: curl/7.61.1
> Accept: */*
> Origin: http://localhost:3000
> Access-Control-Request-Method: POST
> Access-Control-Request-Headers: X-Request-With
>
< HTTP/1.1 200 OK
< Connection: Keep-Alive
< Content-Length: 19
< Access-Control-Allow-Origin: *
< Date: Sat, 12 Jan 2019 02:25:28 GMT
<
Hello World!
* Connection #0 to host localhost left intact
(null)
如果執行,我得到相同的結果
curl -H "Origin: http://localhost:3000" -X OPTIONS --verbose http://localhost:8537/test
和
curl -H "Origin: http://localhost:3000" -X POST --verbose http://localhost:8537/test
即,該請求因OPTIONS請求而失敗,而隨着POST請求而成功。
該代碼確實允許CORS(至少我認為的那樣)。 這是執行此操作的代碼行
u_map_put(instance.default_headers, "Access-Control-Allow-Origin", "*");
所以這是問題:
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.