AngularJS禁用CORS？ [英] AngularJS disabling CORS?

问题描述

也许我失去了一些东西完全是，但我有一个服务器在本地运行，并拥有的不的配置角度使用CORS为$ HTTP请求。当我做一个HTTP请求到localhost：＆LT;港口＆GT; ，我看到Chrome的创建选项要求先

Maybe I'm missing something entirely, but I have a server running locally, and have not configured Angular to use CORS for $http requests. When I make an HTTP request to localhost:<port>, I see Chrome create an OPTIONS request first.

由于我需要支持IE 8 - 和AngularJS绝对不会与CORS那里工作 - 我需要删除CORS

Because I need to support IE 8 - and AngularJS definitely will not work there with CORS - I need to remove CORS.

我已经试过直接设置 POST 方法的不的使用 $ http.post 包装与无济于事。也许这是关系到 https://github.com/angular/angular.js/issues/ 1585

I have tried directly setting the POST method not using the $http.post wrapper with no avail. Perhaps this is related to https://github.com/angular/angular.js/issues/1585

我也试过直接从控制器调用一个jQuery阿贾克斯后 - 甚至与CORS选项为假（因为它似乎默认为真）。它还创建了一个CORS请求。

I've also tried calling a jQuery ajax post directly from a controller - even with the CORS option as false (because it seemed to default to true). It still creates a CORS request.

什么是配置呢？

推荐答案

CORS是你可以设置任何配置你的请求URL的结果，不可以。如果你的出身不匹配请求URL协议/域/端口，你会得到一个CORS请求 - 没有例外

CORS is a result of your request url, not of any configuration you can set. If your origin does not match the request url protocol/domain/port, you will get a CORS request--no exceptions.

例如，对于 http://www.example.com:8080 的由来：

这是一个CORS请求： http://example.com:8080/path.json （不同的子域）

This is a CORS request: http://example.com:8080/path.json (different subdomain)

这是一个CORS请求： http://www.example.com/path.json （不同的端口）

This is a CORS request: http://www.example.com/path.json (different port)

这是一个CORS请求： https://www.example.com:8080/path.json （不同的协议）

This is a CORS request: https://www.example.com:8080/path.json (different protocol)

这是不会 CORS请求： http://www.example.com:8080 /path.json （协议，域和端口的所有匹配的由来）

This is NOT a CORS request: http://www.example.com:8080/path.json (the protocol, domain, and port all match the origin)

话虽这么说，OPTIONS请求正在发生的事情，因为你的标准头外的报头（很可能，你的要求有一个X-要求，使用包头）。在Angular.js，你可以删除此：

That being said, the OPTIONS request is happening because you have a header outside of the standard headers (very likely, your request has an X-Requested-With header). In Angular.js, you can remove this with:

angular.module('yourModuleHere')
    .config(function ($httpProvider) {
        delete $httpProvider.defaults.headers.common['X-Requested-With'];
    });

请注意，对于以上Angular.js 1.2，X-请求 - 由于不是在默认的常见标题列表。你并不需要从列表中删除。

Note that for Angular.js 1.2 and above, X-Requested-With is not in the default common headers list. You don't need to remove it from the list.

这篇关于AngularJS禁用CORS？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！