Internet Explorer跨域：不发送预检 [英] Internet Explorer Cross Domain: Not sending preflight

问题描述

我发现了几个类似的线程。然而，似乎没有一个工作。

I've found several similar threads. However, none have yet seemed to work.

问题

在我们目前的生态系统中，我们有三台服务器供我们使用HTTP的API。两个用于测试，一个用于生产。

In our current ecosystem we've got three servers for our http-apis. Two for test and one for production.

最近我们一直在使用AngularJS发布客户端Web应用程序。由于客户端应用程序适用于我们的客户，因此与api的通信是跨域的。网络应用程序在Chrome，safari和firefox中正常运行。但是，对于第三个api，Internet Explorer（11）拒绝发送预检（选项）请求，该请求禁止客户端与api通信。在另外两个apis中，网络应用程序在IE中正常工作。

Recently we've been releasing client-side web applications using AngularJS. Since the client apps is for our customers, the communication to our api is cross domain. The web apps operates properly in Chrome, safari and firefox an all apis. However, for the third api Internet Explorer(11) refuses to send the preflight(options) request, which disables the client to communicate with the api. In the other two apis, the web app works fine in IE.

apis将如下：

https://api.doma.in/accesstoken -- Works in IE11
https://api2.doma.in/accesstoken -- Works in IE11
https://api3.doma.in/accesstoken -- Does not send preflight in IE11.

需要注意的是，三台服务器或多或少都是克隆的，所以设置赢得了'差别很大。

What is to be noticed is that the three servers are more or less cloned, so the setup won't differ much.

但是，我收到的错误消息中的错误如下：

However, the error I'm getting in the error messages I'm getting is the following:

SEC7118: XMLHttpRequest https://api3.doma.in/accesstoken required CORS (Cross Origin Resource Sharing).
SEC7119: XMLHttpRequest https://api3.doma.in/accesstoken required CORS Preflight.
SCRIPT7002: XMLHttpRequest Network error 0x80070005, Access Denied.

在网络日志中，它只显示预检请求被取消，因此没有请求或响应标头。

In the network log it only shows that the preflight request got cancelled, hence no request or response headers.

推荐答案

我能够使用openssl识别问题。通过运行 $ openssl s_client -connect< url / domain>：443 -state 我发现了ssl的错误。

I was able to identify the problem using openssl. By running $ openssl s_client -connect <url/domain>:443 -state I identified an error with ssl.

Api 1和2在openssl的结果中显示以下内容：

Api 1 and 2 showed the following in the result from openssl:

SSL_connect:SSLv3 read server certificate A
SSL_connect:SSLv3 read server key exchange A
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL_connect:SSLv3 read finished A

在api 3（失败的api-server）上，结果显示了两个额外的操作：

On api 3(the failing api-server) the result showed two additional operations:

SSL_connect:SSLv3 read server certificate A
SSL_connect:SSLv3 read server key exchange A
SSL_connect:SSLv3 read server certificate request A //This
SSL_connect:SSLv3 read server done A
SSL_connect:SSLv3 write client certificate A //This
SSL_connect:SSLv3 write client key exchange A
SSL_connect:SSLv3 write change cipher spec A
SSL_connect:SSLv3 write finished A
SSL_connect:SSLv3 flush data
SSL_connect:SSLv3 read finished A 

但我还没有解决这个问题服务器上的问题。与此同时，我正在使用xdomainhack（ https://github.com/jpillora/xdomain）。它很容易设置并且工作正常。

Yet I have not resolved this issue on the server. In the mean time I'm using an xdomain "hack"(https://github.com/jpillora/xdomain). It's really easy to setup and works fine.

这篇关于Internet Explorer跨域：不发送预检的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！