Web2Py上运行的API的CORS问题 [英] CORS Issue with API running on Web2Py

问题描述

我进行了很多搜索，尽管我发现了类似的问题，但似乎我还没有找到答案，也许您可​​以帮助我。

I've searching a lot and although I found similar issues, it seems that I haven't found my answer yet and maybe you can help me.

我在我的Web2Py框架上具有以下API，并且我正在使用AngularJS前端应用程序对其进行访问，并且遇到了CORS问题（我已经在* orign或我的特定IP和端口中尝试过*，但效果不佳）。不过，它确实适用于IE，但不适用于Chrome或Mozilla。

I have the following API on my Web2Py framework and I am accessing it with a AngularJS front-end app and I am having CORS issues (I already tried * in the orign or my specific IP and port but no good results). Nevertheless, it does work with IE but not with Chrome or Mozilla.

@request.restful()
def api():
    def GET():
        key = main() #generate random XML and returns the key
        response.headers['Content-Type'] = '*'
        response.headers['Access-Control-Allow-Origin'] = '*'
        response.headers['Access-Control-Max-Age'] = 86400
        response.headers['Access-Control-Allow-Headers'] = '*'
        response.headers['Access-Control-Allow-Methods'] = '*'
        response.headers['Access-Control-Allow-Credentials'] = 'true'
        response.view = 'generic.xml'
        value = cb.get(key).value #get value stored into couchbase
        return value
    return dict(GET=GET)

有关前端应用程序错误的更多详细信息：

More details about the error from the front-end app:

XMLHttpRequest无法加载 http ：// my_IP：8000 / my_app / default / api / 。
对预检请求的响应未通过访问控制检查：所请求的
资源上没有
标头 Access-Control-Allow-Origin。因此，不允许访问来源 http：// my_IP：8080 。
响应的HTTP状态码为405。

XMLHttpRequest cannot load http://my_IP:8000/my_app/default/api/. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://my_IP:8080' is therefore not allowed access. The response had HTTP status code 405.

从我的前端应用程序中，我确定我具有正确的功能

From my front-end app I am sure I have the right function for calling the API.

谢谢！

推荐答案

您的响应标头需要进入GET（）函数之外。

Your response headers need to go outside of the GET() function.

@request.restful()
def api():
    response.view = 'generic.json'
    response.headers["Access-Control-Allow-Origin"] = '*'
    response.headers['Access-Control-Max-Age'] = 86400
    response.headers['Access-Control-Allow-Headers'] = '*'
    response.headers['Access-Control-Allow-Methods'] = '*'
    response.headers['Access-Control-Allow-Credentials'] = 'true'

    def GET(tablename, id):
        if not tablename == 'person':
            raise HTTP(400)
        return dict(person = db.person(id))

    def POST(tablename, **fields):
        if not tablename == 'person':
            raise HTTP(400)
        return db.person.validate_and_insert(**fields)

    return locals()

http://web2py.com/books/default/chapter/29/10/services?search=restful#Low-level-API-and-other-recipes

这篇关于Web2Py上运行的API的CORS问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！