Express JS:请求的资源上没有“Access-Control-Allow-Origin”标头 [英] Express JS: No 'Access-Control-Allow-Origin' header is present on the requested resource

查看:147
本文介绍了Express JS:请求的资源上没有“Access-Control-Allow-Origin”标头的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我在服务器上运行API,并且连接到它的前端客户端检索数据。我做了一些关于跨域问题的研究并且有效。但是我不确定发生了什么变化。我现在在控制台中收到此错误:

I have an API running on a server and a front-end client connecting to it to retrieve data. I did some research on the cross domain problem and has it working. However I've not sure what has changed. I am now getting this error in the console:


XMLHttpRequest无法加载 https://api.mydomain/api/status 。没有
'Access-Control-Allow-Origin'标头出现在请求的
资源上。因此,不允许
访问来源' http://beta.mydomain.com '。响应的HTTP状态代码为502.

XMLHttpRequest cannot load https://api.mydomain/api/status. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://beta.mydomain.com' is therefore not allowed access. The response had HTTP status code 502.

我有以下路由文件:

var express = require('express');
var router = express.Router();
var Assessment = require('../app/models/assessment');

router.all('*', function (req, res, next) {
    res.header('Access-Control-Allow-Origin', '*');
    res.header('Access-Control-Allow-Methods', 'PUT, GET, POST, DELETE, OPTIONS');
    res.header('Access-Control-Allow-Headers', 'Content-Type');
    next();
});


router.post('/api/status', function (req, res, next) {
    getStatus.getStatus(req, res, Assessment);
});

module.exports = router;

以下JavaScript对该路线进行Ajax调用:

And the following JavaScript making an Ajax call to that route:

var user = {
    'uid' : '12345'
};
$.ajax({
    data: user,
    method: 'POST',
    url: 'https://api.mydomain/api/status',
    crossDomain: true,
    done: function () {
    },
    success: function (data) {
        console.log(JSON.stringify(data));
    },
    error: function (xhr, status) {

    }
});

我试过:
将请求域放入'Access-Control-Allow- Origin'header
使用cors模块表示
将我的router.all函数放在中间件中

I have tried: Putting the requesting domain in the 'Access-Control-Allow-Origin' header Using the cors module for express Putting my router.all function inside middleware

请求域是HTTP,api域是在HTTPS上。但是,在启用HTTP时,我已经使用了它。

The requesting domain is HTTP and the api domain is on HTTPS. However, I have had it working while the HTTP was enabled.

有没有人知道为什么没有发送'Access-Control-Allow-Origin'标题?

Does anyone have any insight into why the 'Access-Control-Allow-Origin' header is not being send?

谢谢

推荐答案

您可以尝试将其设置为表达实例本身,而不是将请求标头设置为您的快速路由像这样,

Instead of setting the request headers to your express route, Can you try setting it to express instance itself like this,

var express = require('express');
var app = express();
var Assessment = require('../app/models/assessment');

app.use(function(req, res, next) {
  res.header("Access-Control-Allow-Origin", "*");
  res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
  next();
});

app.post('/api/status', function (req, res, next) {
    // your code goes here
});

module.exports = app;

希望这有帮助!

这篇关于Express JS:请求的资源上没有“Access-Control-Allow-Origin”标头的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
相关文章
前端开发最新文章
热门教程
热门工具
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆