无“访问控制允许来源”标头的请求的资源present [英] No 'Access-Control-Allow-Origin' header is present on the requested resource
问题描述
我使用omniauth Facebook的与AngularJS和CORS不能正常工作。
我omniauth.rb是
Rails.application.config.middleware.use OmniAuth ::生成器做
供应商:脸谱,XXXXX,XXXXX,
:范围=> 电子邮件,user_birthday,read_stream':显示= GT; '弹出'结束
一切正常,如果我用它作为Rails应用程序和要求。但是,当我尝试调用的http:\\本地主机:3000 \\用户\\权威性\\脸谱通过角JS
$ http.get('/用户/认证/ Facebook的)。成功(功能(数据,状态,头,配置){
的console.log(早在成功);
})。
错误(功能(数据,状态,头,配置){ });
}
在JS控制台
我看到下面的错误
XMLHtt prequest无法加载
<一href=\"https://www.facebook.com/dialog/oauth?client_id=xxxx&display=popup\">https://www.facebook.com/dialog/oauth?client_id=xxxx&display=popup…thday%2Cread_stream&state=3352c1924bdbc9277f7b1070c38d67acf79b529f198323cb.
无访问控制允许来源标头的请求present
资源。原产地的http://本地主机:3000
因此不允许
访问。
块引用>(URL是不显示完全控制台)
我添加以下行
config.middleware.insert_before监狱长::经理,架::一个Cors
也并没有工作。
什么是最好的办法还是我如何重写标头OmniAuth?
我使用Angularjs和宝石色器件,omniauth Facebook的
块引用>解决方案既然你对你的开发环境,你可能想尝试一种变通方法,通过允许您浏览器在非安全模式下运行。
有关Chrome Windows版,从CMD尝试:
&GT; CD C:\\ Program Files文件(x86)的\\谷歌\\铬\\应用
&GT;的chrome.exe --user-data-dir来=C:/ Chrome浏览器开发会议 - 禁用 - 网络安全的
- 禁用 - 网络安全
标志将让你做出跨域请求。在- 用户数据目录
标志将允许你打开一个新的会话的仅发展这是<强>只为你一个解决方法开发工作!请不要在生产中使用这个或浏览其他网站在这个环节!
I am using omniauth-facebook with AngularJS and CORS is not working correctly .
My omniauth.rb is
Rails.application.config.middleware.use OmniAuth::Builder do provider :facebook,"xxxxx", "xxxxx", :scope => 'email,user_birthday,read_stream', :display => 'popup' end
Everything works if i use it as rails app and request. But when i try to call 'http:\localhost:3000\users\auth\facebook" via Angular JS
$http.get('/users/auth/facebook').success(function(data, status, headers, config) { console.log("back in success"); }). error(function(data, status, headers, config) { }); }
i see following error in JS console
XMLHttpRequest cannot load https://www.facebook.com/dialog/oauth?client_id=xxxx&display=popup…thday%2Cread_stream&state=3352c1924bdbc9277f7b1070c38d67acf79b529f198323cb. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin
'http://localhost:3000'
is therefore not allowed access.(The url is not displayed completely in console)
I added following line
config.middleware.insert_before Warden::Manager, Rack::Cors
but also this didn't work .
What is the best way or how can i override headers for OmniAuth ?
I am using Angularjs and gem devise ,omniauth-facebook
解决方案Since you are on your development environment you may want to try a workaround, by allowing you browser to run in a non-secure mode.
For Chrome on Windows, from CMD try:
> cd C:\Program Files (x86)\Google\Chrome\Application > chrome.exe --user-data-dir="C:/Chrome dev session" --disable-web-security
The
--disable-web-security
flag will allow you to make cross domain requests. The--user-data-dir
flag will allow you to open a new session only for development.This is just a workaround for you development work! Don't use this in production or navigate to other sites in this session!
这篇关于无“访问控制允许来源”标头的请求的资源present的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!