問題描述

我有一個在服務器上運行的 API 和一個連接到它以檢索數據的前端客戶端.我對跨域問題進行了一些研究并使其正常工作.但是我不確定發生了什么變化.我現在在控制臺中收到此錯誤:

I have an API running on a server and a front-end client connecting to it to retrieve data. I did some research on the cross domain problem and has it working. However I've not sure what has changed. I am now getting this error in the console:

XMLHttpRequest 無法加載 https://api.mydomain/api/status.不請求中存在Access-Control-Allow-Origin"標頭資源.因此，來源 'http://beta.mydomain.com' 是不允許的使用權.響應的 HTTP 狀態代碼為 502.

XMLHttpRequest cannot load https://api.mydomain/api/status. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://beta.mydomain.com' is therefore not allowed access. The response had HTTP status code 502.

我有以下路由文件:

var express = require('express');
var router = express.Router();
var Assessment = require('../app/models/assessment');

router.all('*', function (req, res, next) {
    res.header('Access-Control-Allow-Origin', '*');
    res.header('Access-Control-Allow-Methods', 'PUT, GET, POST, DELETE, OPTIONS');
    res.header('Access-Control-Allow-Headers', 'Content-Type');
    next();
});


router.post('/api/status', function (req, res, next) {
    getStatus.getStatus(req, res, Assessment);
});

module.exports = router;

以下 JavaScript 對該路由進行 Ajax 調用:

And the following JavaScript making an Ajax call to that route:

var user = {
    'uid' : '12345'
};
$.ajax({
    data: user,
    method: 'POST',
    url: 'https://api.mydomain/api/status',
    crossDomain: true,
    done: function () {
    },
    success: function (data) {
        console.log(JSON.stringify(data));
    },
    error: function (xhr, status) {

    }
});

我嘗試過:將請求域放在Access-Control-Allow-Origin"標頭中使用 cors 模塊進行 express將我的 router.all 函數放入中間件中

I have tried: Putting the requesting domain in the 'Access-Control-Allow-Origin' header Using the cors module for express Putting my router.all function inside middleware

請求域是 HTTP，api 域是 HTTPS.但是，在啟用 HTTP 時，我已經讓它工作了.

The requesting domain is HTTP and the api domain is on HTTPS. However, I have had it working while the HTTP was enabled.

有沒有人知道為什么沒有發送Access-Control-Allow-Origin"標頭?

Does anyone have any insight into why the 'Access-Control-Allow-Origin' header is not being send?

謝謝

推薦答案

不要將請求標頭設置為您的快速路由，您可以嘗試將其設置為這樣表達實例本身嗎，

Instead of setting the request headers to your express route, Can you try setting it to express instance itself like this,

var express = require('express');
var app = express();
var Assessment = require('../app/models/assessment');

app.use(function(req, res, next) {
  res.header("Access-Control-Allow-Origin", "*");
  res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
  next();
});

app.post('/api/status', function (req, res, next) {
    // your code goes here
});

module.exports = app;

希望這會有所幫助！

這篇關于Express JS:請求的資源上不存在“Access-Control-Allow-Origin"標頭的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網！