TypeError,未定义的“摘要",在开发环境中 [英] TypeError, 'digest' of undefined, in development environment
问题描述
当我们为本地主机构建 Angular SPA 时,它运行良好.
When we're building our Angular SPA for localhost it works perfectly.
在我们的开发环境中,此错误会蔓延到 DevTool 控制台并破坏一切:错误错误:未捕获(承诺):类型错误:无法读取未定义的属性摘要"
On our dev environment, this error creeps into the DevTool console and breaks everything: ERROR Error: Uncaught (in promise): TypeError: Cannot read property 'digest' of undefined
TypeError: Cannot read property 'digest' of undefined
at N (auth0-spa-js.production.js:1)
at ie.<anonymous> (auth0-spa-js.production.js:1)
at Generator.next (<anonymous>)
at auth0-spa-js.production.js:1
at new ZoneAwarePromise (zone-evergreen.js:876)
at t (auth0-spa-js.production.js:1)
at ie.loginWithRedirect (auth0-spa-js.production.js:1)
at AuthGuard.<anonymous> (auth.guard.ts:22)
at Generator.next (<anonymous>)
at fulfilled (environment.ts:11)
at resolvePromise (zone-evergreen.js:797)
at new ZoneAwarePromise (zone-evergreen.js:879)
at t (auth0-spa-js.production.js:1)
at ie.loginWithRedirect (auth0-spa-js.production.js:1)
at AuthGuard.<anonymous> (auth.guard.ts:22)
at Generator.next (<anonymous>)
at fulfilled (environment.ts:11)
at ZoneDelegate.invoke (zone-evergreen.js:359)
at Object.onInvoke (core.js:34195)
at ZoneDelegate.invoke (zone-evergreen.js:358)
我想这一定与构建过程有关,有一些不同的标志,但我无法确定到底是哪个.
I guess it must be something about the build process, some different flags, but I can't figure out exactly which.
推荐答案
这可能是因为您的开发服务器设置为不安全的源.
It's probably because your dev server is setup as an insecure origin.
digest 可能指的是 Web 加密 API.如果您使用的是基于 Chromium 的浏览器,根据 此处的 Chromium 项目页面,subtle 属性只能在安全来源中使用:
The digest likely refers to window.crypto.subtle.digest of the Web Crypto API. if you are using a Chromium-based browser, according to the the Chromium Projects page here, the subtle property can only be used in a secure origin:
对 WebCrypto API 的访问仅限于安全来源(即 https://页面).
Access to the WebCrypto API is restricted to secure origins (which is to say https:// pages).
注意:在规范中,crypto.subtle 在不安全的上下文中应该是未定义的
Note: In the spec, crypto.subtle is supposed to be undefined in insecure contexts
因为digest 是subtle 的一种方法,而subtle 是undefined,你会得到这个错误.
Because digest is a method of subtle, and subtle is undefined, you are getting this error.
我们在使用 auth0-spa-js 库 时遇到了同样的错误.它适用于本地主机,而不适用于我们的 http 临时站点,但适用于我们的生产 https 站点.
We got the same error when using the auth0-spa-js library. It worked on localhost, not on our http staging site, but OK on our production https site.
如果您的来源不安全,请尝试使您的开发环境安全,然后再次测试(应该使用自签名证书).提醒一下,安全来源 是:
If you aren't in a secure origin, try making your dev environment secure and then testing again (a self-signed certificate should do). As a reminder, secure origins are:
安全源是那些至少匹配以下(方案、主机、端口)模式之一的源:
Which origins are "secure"?
Secure origins are those that match at least one of the following (scheme, host, port) patterns:
- (https, *, *)
- (wss, *, *)
- (*, 本地主机, *)
- (*, 127/8, *)
- (*, ::1/128, *)
- (文件, *, —)
- (chrome-extension, *, —)
也就是说,安全源是从本地机器(必须是受信任的)或通过网络从经过加密验证的服务器加载资源的源.
That is, secure origins are those that load resources either from the local machine (necessarily trusted) or over the network from a cryptographically-authenticated server.
我不确定 Auth0 团队是否有一个在非安全来源(或计划在他们最新的 SPA 库中启用该功能),但他们的原生 JS 库绝对可以.
I'm not sure if the Auth0 team have an SPA library that works in a non-secure origin (or plans to enable that capability in their latest SPA library), but their native JS libraries definitely do.
这篇关于TypeError,未定义的“摘要",在开发环境中的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
