对预检请求的响应未通过访问控制检查 [英] Response to preflight request doesn't pass access control check

问题描述

我使用ngResource在Amazon Web Services上调用REST API时出现此错误：

I'm getting this error using ngResource to call a REST API on Amazon Web Services:

XMLHttpRequest无法加载
http://server.apiurl.com:8000/s/login?login=facebook 。对
预检请求的响应未通过访问控制检查：请求的
资源上没有
'Access-Control-Allow-Origin'标头。因此，不允许访问 http：// localhost 。
错误405

服务：

socialMarkt.factory('loginService', ['$resource', function($resource){    
    var apiAddress = "http://server.apiurl.com:8000/s/login/";
    return $resource(apiAddress, { login:"facebook", access_token: "@access_token" ,facebook_id: "@facebook_id" }, {
                getUser: {method:'POST'}
            });
}]);

控制器：

[...]
loginService.getUser(JSON.stringify(fbObj)),
                function(data){
                    console.log(data);
                },
                function(result) {
                    console.error('Error', result.status);
                }
[...]

我正在使用chrome，我不知道还有什么可以解决这个问题。我甚至将服务器配置为接受来自origin localhost

I'm using chrome, and I dont know what else to do in order to fix this problem. I've even configured the server to accept headers from origin localhost

推荐答案

您正在遇到CORS问题。

You are running into CORS issues.

有几种方法可以解决此问题。

There are several ways to fix this.

1. 关闭CORS。例如：如何关闭chrome中的cors


2. 为您的浏览器使用插件


3. 使用代理，例如nginx。 如何设置的示例

1. Turn off CORS. For example: how to turn off cors in chrome
2. Use a plugin for your browser
3. Use a proxy such as nginx. example of how to set up

更详细地说，您正试图从localhost访问api.serverurl.com。这是跨域请求的确切定义。

More verbosely, you are trying to access api.serverurl.com from localhost. This is the exact definition of cross domain request.

通过关闭它只是为了让你的工作完成（好吧，如果你访问其他网站，为你安全性差，只需将罐子踢到路上就可以了。你可以使用一个代理，让你的浏览器认为当你有本地服务器然后调用远程服务器时，所有请求都来自本地主机。

By either turning it off just to get your work done (OK, put poor security for you if you visit other sites and just kicks the can down the road) you can use a proxy which makes your browser think all requests come from local host when really you have local server that then calls the remote server.

所以api.serverurl.com可能会成为localhost：8000 / api，您的本地nginx或其他代理将发送到正确的目的地。

so api.serverurl.com might become localhost:8000/api and your local nginx or other proxy will send to the correct destination.

现在受欢迎的需求， 100％更多CORS信息 ....同样美味！

Now by popular demand, 100% more CORS info....same great taste!

这篇关于对预检请求的响应未通过访问控制检查的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！