Express CORs策略防止Apollo客户端从服务器获取 [英] Express CORs policy preventing Apollo client from fetching from server

问题描述

我正在 http：// localhost：3000 上运行React开发服务器，并在 http：// localhost：8080上运行快递服务器，并且正在使用Apollo客户端查询服务器。为了使会话数据能够从客户端传递到服务器，我在初始化Apollo客户端时添加了 credentials： include 参数。

I'm running a react dev server on http://localhost:3000 and an express server on http://localhost:8080 and am using an Apollo Client to query the server. To enable session data to be passed from client to server I have added the credentials: "include" parameter when initializing the Apollo Client.

我在快递服务器中添加了以下行（在定义路由之前）以配置cors：

I've added the following line in my express server (before the routes are defined) to configure cors:

app。 use（cors（{凭据：true，来源： http：// localhost：3000}））;

但是，执行时查询时，将引发以下错误：

However, when executing queries, the following error is thrown:

Access to fetch at 'http://localhost:8080/graphql' from origin 'http://localhost:3000' has been blocked by CORS policy: The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'.

标题响应为什么显示为 * ？我是在错误地配置COR还是缺少其他功能？

Why is the header response showing up as *? Am I configuring CORs incorrectly or am I missing something else?

推荐答案

我在这里遇到的问题是，尽管启用了CORS快递：

The problem I was running into here was that despite enabling CORS for express:

app.use(cors({ credentials: true, origin: "http://localhost:3000" }));

GraphQL中间件覆盖了该设置。如果使用Apollo服务器和相关的中间件，请确保通过 cors：false 参数，如下所示。

The GraphQL middleware was over-riding the setting. Make sure to pass the cors: false param as shown below if using an Apollo Server and associated middleware.

gqlServer.applyMiddleware({ app, path: "/graphql", cors: false });

这篇关于Express CORs策略防止Apollo客户端从服务器获取的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！