为什么同一产地的政策踢在做从本地主机请求到localhost什么时候？ [英] Why is same origin policy kicking in when making request from localhost to localhost?

问题描述

我保持后端API从前端HTML5应用程序消耗它一个单独的项目。我使用的约曼为前端开发。约曼运行在localhost：3501和localhost上的后端：3000。当我做API请求从浏览器（使用AngularJS的$ HTTP），我打的同源策略：

I'm keeping the backend API as a separate project from the frontend HTML5 app consuming it. I'm using Yeoman for the frontend development. Yeoman runs on localhost:3501 and the backend on localhost:3000. When I make the API request from the browser (using AngularJS's $http), I hit the same origin policy:

XMLHttpRequest cannot load http://localhost:3000/venues. Origin http://localhost:3501 is not allowed by Access-Control-Allow-Origin.

据我所知，同一产地的政策应该做出不同领域的要求，只有当踢。为什么当我们做一个请求从本地主机到本地主机（尽管以不同的端口），它呜呜？

AFAIK, same origin policy should kick in only when making request across different domains. Why is it whining when we do a request from localhost to localhost (albeit to different port)?

我怎样才能使这项工作，并会在生产这个事业的问题？

How can I make this work and will this cause problems in production?

推荐答案

的端口，也算为跨域请求，因此的http：//本地主机：3000 和的http：//本地主机：3501 为 2不同的域（但从浏览器的角度）

The ports also count for cross domain requests, therefore http://localhost:3000 and http://localhost:3501 are 2 different domains (from browser's point of view).

如果您需要这两个应用程序（客户端和后端），以在不同的端口上运行，可考虑使用 http://enable-cors.org/

If you need both applications (client and backend) to run on different ports, consider using http://enable-cors.org/

这篇关于为什么同一产地的政策踢在做从本地主机请求到localhost什么时候？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！