调试CORS错误的方法 [英] Way to debug CORS errors
问题描述
对于我的测试,Chrome和Firefox几乎没有任何信息当它们由于违反CORS而取消请求。通常调试会根据规格检查所有标题,阅读CORS标准等。这是一个非常繁琐的过程。
没有办法告诉任何浏览器关于为什么取消了特定请求应该更详细?
例如,我宁愿有更详细的调试消息,如请求被取消,因为在接收到的Access-Control-Allow-Header字段中缺少X-Requested-With字段或请求被取消,因为提供的原始:并且接收到访问控制允许-Origin:fields mismatch 。
您使用的是哪个版本的Chrome?最新版本在报告CORS问题上变得更好。例如,我使用Chrome版本32.0.1700.14测试版,当我访问此页面,我的控制台中出现以下错误:
请求头字段Access-Control-Allow-Headers不允许X-Foo。
此信息仅在控制台中可用,无法以编程方式访问。希望更多的浏览器也会随之而来。请注意,如果您的请求因某些其他非CORS原因而失败,您可能仍会看到无益的错误消息。
Every once in a while I have to debug cross-origin resource sharing related problems during web-development.
To my testing, Chrome and Firefox give virtually no information when they cancel a request due to a CORS violation. Usually debugging involes checking the all the headers against specs, reading the CORS standard etc. It is a really cumbersome process.
Isn't there a way to tell any Browser that it should be more verbose about why it canceled a specific request?
For example, I rather have more verbose debug messages like Request canceled due to missing X-Requested-With field in received Access-Control-Allow-Headers field or Request canceled because supplied Origin: and received Access-Control-Allow-Origin: fields mismatch.
Which version of Chrome are you using? The latest versions have become much better at reporting CORS issues. For example, I am using Chrome version "32.0.1700.14 beta", and when I visit this page, I get the following error in my console:
Request header field X-Foo is not allowed by Access-Control-Allow-Headers.
This information is only available from the console, and cannot be programmatically accessed. Hopefully more browsers will follow suit. Note that if your request fails for some other, non-CORS reason, you may still see unhelpful error messages.
这篇关于调试CORS错误的方法的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
