问题描述
我有一个在服务器上运行的 API 和一个连接到它以检索数据的前端客户端.我对跨域问题进行了一些研究并使其正常工作.但是我不确定发生了什么变化.我现在在控制台中收到此错误:
I have an API running on a server and a front-end client connecting to it to retrieve data. I did some research on the cross domain problem and has it working. However I've not sure what has changed. I am now getting this error in the console:
XMLHttpRequest 无法加载 https://api.mydomain/api/status.不请求中存在Access-Control-Allow-Origin"标头资源.因此,来源 'http://beta.mydomain.com' 是不允许的使用权.响应的 HTTP 状态代码为 502.
XMLHttpRequest cannot load https://api.mydomain/api/status. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://beta.mydomain.com' is therefore not allowed access. The response had HTTP status code 502.
我有以下路由文件:
var express = require('express');
var router = express.Router();
var Assessment = require('../app/models/assessment');
router.all('*', function (req, res, next) {
res.header('Access-Control-Allow-Origin', '*');
res.header('Access-Control-Allow-Methods', 'PUT, GET, POST, DELETE, OPTIONS');
res.header('Access-Control-Allow-Headers', 'Content-Type');
next();
});
router.post('/api/status', function (req, res, next) {
getStatus.getStatus(req, res, Assessment);
});
module.exports = router;
以下 JavaScript 对该路由进行 Ajax 调用:
And the following JavaScript making an Ajax call to that route:
var user = {
'uid' : '12345'
};
$.ajax({
data: user,
method: 'POST',
url: 'https://api.mydomain/api/status',
crossDomain: true,
done: function () {
},
success: function (data) {
console.log(JSON.stringify(data));
},
error: function (xhr, status) {
}
});
我尝试过:将请求域放在Access-Control-Allow-Origin"标头中使用 cors 模块进行 express将我的 router.all 函数放入中间件中
I have tried: Putting the requesting domain in the 'Access-Control-Allow-Origin' header Using the cors module for express Putting my router.all function inside middleware
请求域是 HTTP,api 域是 HTTPS.但是,在启用 HTTP 时,我已经让它工作了.
The requesting domain is HTTP and the api domain is on HTTPS. However, I have had it working while the HTTP was enabled.
有没有人知道为什么没有发送Access-Control-Allow-Origin"标头?
Does anyone have any insight into why the 'Access-Control-Allow-Origin' header is not being send?
谢谢
推荐答案
不要将请求标头设置为您的快速路由,您可以尝试将其设置为这样表达实例本身吗,
Instead of setting the request headers to your express route, Can you try setting it to express instance itself like this,
var express = require('express');
var app = express();
var Assessment = require('../app/models/assessment');
app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
next();
});
app.post('/api/status', function (req, res, next) {
// your code goes here
});
module.exports = app;
希望这会有所帮助!
这篇关于Express JS:请求的资源上不存在“Access-Control-Allow-Origin"标头的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!