Python Eve:请求的资源上不存在“Access-Control-Allow-Origin"标头 [英] Python Eve : No 'Access-Control-Allow-Origin' header is present on the requested resource

问题描述

我使用 Python EVE 框架编写了一个 API.在尝试从 AngularJS 应用程序访问 API 时，它显示如下所示的错误:

I have written an API using Python EVE framework. While trying to access the API from an AngularJS app it shows an error as shown below :

XMLHttpRequest cannot load http://127.0.0.1:5000/user/jay3dec. Request header field Authorization is not allowed by Access-Control-Allow-Headers. 

为了更正上述错误，我在 settings.py 中添加了以下内容

In order to correct the above error I added the following to the settings.py

X_DOMAINS = '*'
X_HEADERS = 'Authorization'

现在上面的错误消失了，控制台中显示了一个新的错误:

Now the above error disappears and a new error shows in the console :

XMLHttpRequest cannot load http://127.0.0.1:5000/user/jay3dec. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8000' is therefore not allowed access. 

但我已经在 settings.py 中添加了 X_DOMAINS = '*' .

But I have already added the X_DOMAINS = '*' in my settings.py .

这是angularjs代码:

Here is the angularjs code:

    $scope.validate = function() {

    var encodedUserNameAndPassword = Base64.encode($scope.username + ':' + $scope.password);

    $http.defaults.headers.put = {
        'Access-Control-Allow-Origin': '*',
        'Access-Control-Allow-Methods': 'GET, POST, PUT, DELETE, OPTIONS',
        'Access-Control-Allow-Headers': '*'
    };
    $http.defaults.headers.common['Authorization'] = 'Basic ' + encodedUserNameAndPassword;

    $http({
        method: 'GET',
        url: 'http://127.0.0.1:5000/user/jay3dec'
    }).
    success(function(data, status, headers, config) {
        console.log(data);
    }).
    error(function(data, status, headers, config) {
        alert(data);

    });
}

有没有发现可能是什么问题

Can any spot what may be the issue

推荐答案

FWIW，我遇到了类似的问题.

FWIW, I had similar problem.

然后我了解到只有模式定义的 API 才能获得 X_DOMAINS 标头的效果.如果您使用 app = Eve(settings=blah) 和 @app.route() 之类的东西自己定义的 api，则不会受到 X_DOMAINS 标头的影响.因此，在这种情况下，您需要编写自己的装饰器.

Then I learned that only schema defined APIs will get the effect of X_DOMAINS header. The api if any you define on your own using something like app = Eve(settings=blah) and the @app.route() will not be affected by the X_DOMAINS header. So, in that case, you need to write your own decorator.

这篇关于Python Eve:请求的资源上不存在“Access-Control-Allow-Origin"标头的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！