wrap-cors中间件不能与system.components一起使用 [英] wrap-cors middleware not working with system.components
问题描述
我有以下system.components中间件配置,其中使用了ring.middleware wrap-cors,以允许重定向到外部服务器:
I have the following system.components middleware config, in which I'm using the ring.middleware wrap-cors, to allow for redirects to an external server:
(defn config []
{:http-port (Integer. (or (env :port) 5000))
:middleware [[wrap-defaults api-defaults]
wrap-with-logger
wrap-gzip
ignore-trailing-slash
[wrap-reload {:dir "../../src"}]
[wrap-trace :header :ui]
wrap-params
wrap-keyword-params
wrap-cookies
[wrap-cors :access-control-allow-headers #{"accept"
"accept-encoding"
"accept-language"
"authorization"
"content-type"
"origin"}
:access-control-allow-origin [#"https://some-url"]
:access-control-allow-methods [:delete :get
:patch :post :put]]
]})
这应该在每个响应中插入标头.但是,相反,根据客户端的请求,该请求导致重定向到 https://some-url ,客户端浏览器中出现以下错误:
And this is supposed to insert headers into every response. But instead, on a request from the client which leads to a redirect to https://some-url, I get the following error in the client browser:
Access to XMLHttpRequest at 'https://someurl' (redirected from 'http://localhost:5000/some-uri') from origin 'http://localhost:5000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
尽管添加了中间件,为什么响应中的标题仍然不正确?
Why aren't the correct headers in the response despite adding the middleware?
-编辑-
我也尝试过[jumblerg.middleware.cors] wrap-cors中间件,如下所示:
I've also tried the [jumblerg.middleware.cors] wrap-cors middleware like so:
(defn config []
{:http-port (Integer. (or (env :port) 5000))
:middleware [[wrap-defaults api-defaults]
wrap-with-logger
wrap-gzip
ignore-trailing-slash
[wrap-reload {:dir "../../src"}]
[wrap-trace :header :ui]
wrap-params
wrap-keyword-params
wrap-cookies
[wrap-cors #".*"]
]})
并使用liberator添加了标头,如下所示:
And have added the headers using liberator like so:
(defresource some-route [redirect-uri]
:available-media-types ["application/json"]
:allowed-methods [:post]
:post-redirect? true
:as-response (fn [d ctx]
;; added headers
(-> (as-response d ctx)
(assoc-in [:headers "Access-Control-Allow-Origin"] "*")
(assoc-in [:headers "Access-Control-Allow-Headers"] "Content-Type")
)
)
;; redirect uri
:location redirect-uri
)
但是仍然会收到``请求资源上没有'Access-Control-Allow-Origin'标头.''错误
But still get the ````No 'Access-Control-Allow-Origin' header is present on the requested resource.``` error
推荐答案
尝试将此库用于(wrap-cors)
:
[jumblerg/ring-cors "2.0.0"]
像这样:
(wrap-cors your-routes identity)
请注意,第三个参数是确定是否允许原点(或正则表达式列表)的函数
Note the third parameter is a function to determine if an origin is allowed (or a list of reg exp)
您可能需要通过以下方式添加手动路线:
You might have to add a manual route though:
(OPTIONS "/yourendpoint" req {:headers {"Access-Control-Allow-Headers" "*"}})
这篇关于wrap-cors中间件不能与system.components一起使用的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!