如何在 node.js 上的 express.js 框架中启用跨域资源共享(CORS) [英] How to enable cross-origin resource sharing (CORS) in the express.js framework on node.js
问题描述
我正在尝试在 node.js 中构建一个支持跨域脚本的 Web 服务器,同时仍然提供来自公共目录的静态文件.我正在使用 express.js,但不确定如何允许跨域脚本(Access-Control-Allow-Origin: *
).
I'm trying to build a web server in node.js that will support cross-domain scripting, while still providing static files from a public directory. I'm using the express.js and am not really sure how to allow cross-domain scripting (Access-Control-Allow-Origin: *
).
我看到了这篇文章,但我觉得没有帮助.
I saw this post, which I did not find helpful.
var express = require('express')
, app = express.createServer();
app.get('/', function (req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "X-Requested-With");
next();
});
app.configure(function () {
app.use(express.methodOverride());
app.use(express.bodyParser());
app.use(app.router);
});
app.configure('development', function () {
app.use(express.static(__dirname + '/public'));
app.use(express.errorHandler({ dumpExceptions: true, showStack: true }));
});
app.configure('production', function () {
var oneYear = 31557600000;
// app.use(express.static(__dirname + '/public', { maxAge: oneYear }));
app.use(express.static(__dirname + '/public'));
app.use(express.errorHandler());
});
app.listen(8888);
console.log('express running at http://localhost:%d', 8888);
推荐答案
在 node.js 上的 ExpressJS 应用程序中,对路由执行以下操作:
In your ExpressJS app on node.js, do the following with your routes:
app.all('/', function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "X-Requested-With");
next();
});
app.get('/', function(req, res, next) {
// Handle the get for this route
});
app.post('/', function(req, res, next) {
// Handle the post for this route
});
第一次调用 (app.all
) 应该在应用中的所有其他路由(或者至少是你想要启用 CORS 的路由)之前进行.
The first call (app.all
) should be made before all the other routes in your app (or at least the ones you want to be CORS enabled).
如果您希望标题也显示为静态文件,请尝试此操作(确保它在调用 use(express.static())
之前:
If you want the headers to show up for static files as well, try this (make sure it's before the call to use(express.static())
:
app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "X-Requested-With");
next();
});
我用您的代码对此进行了测试,并从 public
目录中获取了资产的标头:
I tested this with your code, and got the headers on assets from the public
directory:
var express = require('express')
, app = express.createServer();
app.configure(function () {
app.use(express.methodOverride());
app.use(express.bodyParser());
app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "X-Requested-With");
next();
});
app.use(app.router);
});
app.configure('development', function () {
app.use(express.static(__dirname + '/public'));
app.use(express.errorHandler({ dumpExceptions: true, showStack: true }));
});
app.configure('production', function () {
app.use(express.static(__dirname + '/public'));
app.use(express.errorHandler());
});
app.listen(8888);
console.log('express running at http://localhost:%d', 8888);
当然,你可以将函数打包成一个模块,这样你就可以做类似的事情
You could, of course, package the function up into a module so you can do something like
// cors.js
module.exports = function() {
return function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "X-Requested-With");
next();
};
}
// server.js
cors = require('./cors');
app.use(cors());
这篇关于如何在 node.js 上的 express.js 框架中启用跨域资源共享(CORS)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!