如何在 node.js 上的 express.js 框架中启用跨域资源共享(CORS) [英] How to enable cross-origin resource sharing (CORS) in the express.js framework on node.js
问题描述
我正在尝试在 node.js 中构建一个支持跨域脚本的 Web 服务器,同时仍然提供来自公共目录的静态文件.我正在使用 express.js,但不确定如何允许跨域脚本(Access-Control-Allow-Origin: *).
I'm trying to build a web server in node.js that will support cross-domain scripting, while still providing static files from a public directory. I'm using the express.js and am not really sure how to allow cross-domain scripting (Access-Control-Allow-Origin: *).
我看到了这篇文章,但我觉得没有帮助.
I saw this post, which I did not find helpful.
var express = require('express')
, app = express.createServer();
app.get('/', function (req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "X-Requested-With");
next();
});
app.configure(function () {
app.use(express.methodOverride());
app.use(express.bodyParser());
app.use(app.router);
});
app.configure('development', function () {
app.use(express.static(__dirname + '/public'));
app.use(express.errorHandler({ dumpExceptions: true, showStack: true }));
});
app.configure('production', function () {
var oneYear = 31557600000;
// app.use(express.static(__dirname + '/public', { maxAge: oneYear }));
app.use(express.static(__dirname + '/public'));
app.use(express.errorHandler());
});
app.listen(8888);
console.log('express running at http://localhost:%d', 8888);
推荐答案
在 node.js 上的 ExpressJS 应用程序中,对路由执行以下操作:
In your ExpressJS app on node.js, do the following with your routes:
app.all('/', function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "X-Requested-With");
next();
});
app.get('/', function(req, res, next) {
// Handle the get for this route
});
app.post('/', function(req, res, next) {
// Handle the post for this route
});
第一次调用 (app.all) 应该在应用中的所有其他路由(或者至少是你想要启用 CORS 的路由)之前进行.
The first call (app.all) should be made before all the other routes in your app (or at least the ones you want to be CORS enabled).
如果您希望标题也显示为静态文件,请尝试此操作(确保它在调用 use(express.static()) 之前:
If you want the headers to show up for static files as well, try this (make sure it's before the call to use(express.static()):
app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "X-Requested-With");
next();
});
我用您的代码对此进行了测试,并从 public 目录中获取了资产的标头:
I tested this with your code, and got the headers on assets from the public directory:
var express = require('express')
, app = express.createServer();
app.configure(function () {
app.use(express.methodOverride());
app.use(express.bodyParser());
app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "X-Requested-With");
next();
});
app.use(app.router);
});
app.configure('development', function () {
app.use(express.static(__dirname + '/public'));
app.use(express.errorHandler({ dumpExceptions: true, showStack: true }));
});
app.configure('production', function () {
app.use(express.static(__dirname + '/public'));
app.use(express.errorHandler());
});
app.listen(8888);
console.log('express running at http://localhost:%d', 8888);
当然,你可以将函数打包成一个模块,这样你就可以做类似的事情
You could, of course, package the function up into a module so you can do something like
// cors.js
module.exports = function() {
return function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "X-Requested-With");
next();
};
}
// server.js
cors = require('./cors');
app.use(cors());
这篇关于如何在 node.js 上的 express.js 框架中启用跨域资源共享(CORS)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
