CORS访问控制 - 允许 - 产地标头由WatchGuard的剥离 [英] CORS Access-Control-Allow-Origin header stripped by watchguard

问题描述

我有一个使用AJAX通过在api.example.com一个nodejs-API来访问JSON在www.example.com网站。 （跨域！）我需要PUT和DELETE作为HTTP的方法，这就是为什么我不能使用JSONP，我抬头一看CORS是如何工作的，并实现了通过访问控制 - 允许 - 产地标头。

I have a website on www.example.com that uses AJAX to access JSON via a nodejs-API on api.example.com. (Cross-domain!) I need the PUT and DELETE as HTTP-methods, thats why I can't use jsonp, i looked up how CORS works, and implemented that via the Access-Control-Allow-Origin headers.

当我在我的本地环境（www.example.dev和api.example.dev）我的设置工作。我的API返回正确的标题（访问控制 - 允许 - 产地），我成功地做跨域请求。

When i work on my local environment (www.example.dev and api.example.dev) my setup works. My API return the correct headers (Access-Control-Allow-Origin) and I succeed in doing cross domain requests.

当我部署网络，我的设置不再工作了，因为头被阻塞由该公司的WatchGuard防火墙。我可以问，让我的公开API，但恐怕其他人也会有同样的问题，他或她的限制环境。

When I deploy online, my setup doesn't work anymore, because the headers get blocked by the company watchguard firewall. I could ask to allow my public API, but i'm afraid someone else will have the same issues in his or her restricted environment.

有没有解决这个其他方式？

Is there any other way to solve this?

推荐答案

对于那些有兴趣：我用easyXDM跨域通讯。这解决了我的问题。 http://easyxdm.net/wp/

For those interested: I use easyXDM for cross domain messaging. That solved my problem. http://easyxdm.net/wp/

这篇关于CORS访问控制 - 允许 - 产地标头由WatchGuard的剥离的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！