google cloud函数python CORS错误所请求的资源上没有'Access-Control-Allow-Origin'标头。 [英] google cloud function python CORS error No 'Access-Control-Allow-Origin' header is present on the requested resource.
问题描述
我已按照 https://cloud.google.com上的说明进行操作/ functions / docs / writing / http#functions_http_cors-python
所以我的代码最后是
# Set CORS headers for the preflight request
if request.method == 'OPTIONS':
# Allows GET requests from any origin with the Content-Type
# header and caches preflight response for an 3600s
headers = {
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Methods': 'GET',
'Access-Control-Allow-Headers': 'Content-Type',
'Access-Control-Max-Age': '3600'
}
return ('', 204, headers)
# Set CORS headers for the main request
headers = {
'Content-Type':'application/json',
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Headers': 'Content-Type',
}
# END CORS
return (res, 200, headers)
其中res是JSON
where res is JSON
从一个简单的节点应用程序中,我通过
from a simple node app, im calling via
this.http.post(payloadTarget.url, JSON.stringify(clone)).subscribe(res => {
console.log('request complete', res);
},
err => {
console.log('request failed', err);
});
在控制台上出现此错误
所请求的资源上没有'Access-Control-Allow-Origin'标头。因此,不允许访问来源' http:// localhost:4200 '。
使用邮递员测试POST或选项时,我看不到错误,但我也看不到HEADERS即时消息
when testing a POST or OPTIONS using Postman i dont see the error but i also dont see the HEADERS im supposed to
确定它很简单,但查看其他类似的问题和答案却找不到任何指向我问题的东西
im sure its something simple but looking at others similar questions and answers cant find anything that points to my issue
推荐答案
我认为这里的问题是您从OPTIONS响应中省略了 POST
。使用CORS,您需要具体确定可接受哪些http方法。话虽如此,您需要将飞行前请求更新为:
I think the issue here is that you've left out the POST
from your OPTIONS response. With CORS you'll need to be specific about which http methods are acceptable. With that being said, you'll need to update your pre-flight request to:
# Set CORS headers for the preflight request
if request.method == 'OPTIONS':
# Allows GET requests from any origin with the Content-Type
# header and caches preflight response for an 3600s
headers = {
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Methods': 'GET, POST',
'Access-Control-Allow-Headers': 'Content-Type',
'Access-Control-Max-Age': '3600'
}
return ('', 204, headers)
# Set CORS headers for the main request
headers = {
'Content-Type':'application/json',
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Headers': 'Content-Type',
}
# END CORS
return (res, 200, headers)
ly,您可以将值设置为:
Alternatively, you can set the value to:
'Access-Control-Allow-Methods': '*'
如果您不关心安全性。
另外,您未通过POSTMAN收到这些错误的原因是请求的性质-所有现代的浏览器都会拦截您的请求,并检查源是否匹配(域,端口,协议等),如果它们不匹配, t,系统会向目的地发出飞行前( OPTIONS
)请求,以确保其正常。诸如POSTMAN之类的网站和诸如Fiddler之类的软件并不是从浏览器启动的,提交时没有任何检查。
Also, the reason you're not getting these errors via POSTMAN is due to the nature of the request - All modern browsers intercept your request and check to see if the origins match (domain, port, protocol, etc), if they don't, a pre-flight (OPTIONS
) request is made to the the destination to make sure that its okay. Sites like POSTMAN and software like Fiddler aren't initiated from the browser and are submitted without any checks.
这篇关于google cloud函数python CORS错误所请求的资源上没有'Access-Control-Allow-Origin'标头。的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!