我是Firebase的新手,并且想使用其HTTP云功能。当我尝试转到任何端点(不使用仿真器-例如https://us-central1-xxxxxxxx.cloudfunctions.net/app/api/admin/studio)时,出现CORS错误。
这是我的代码示例。我目前没有设置安全规则(仍在开发中)。使用Firebase模拟器时,以下代码可完美工作。只是不使用“实时” .cloudfunctions链接。
我是否缺少权限或设置?如果您直接通过浏览器或POSTMAN(而不是从react应用程序)访问此端点,则此端点有效。
react应用出现错误的示例是:
Origin https://xxxxxxxxxxx is not allowed by Access-Control-Allow-Origin.
Fetch API cannot load https://us-central1-xxxxxxxx.cloudfunctions.net/app/api/admin/studio due to access control checks.
index.js
const functions = require("firebase-functions")
const express = require("express")
const app = express()
const cors = require("cors")({ origin: true })
app.use(cors)
const studio = require("./http/studio.js")
app.post("/api/admin/studio", studio.add)
exports.app = functions.https.onRequest(app)
db.js
const admin = require("firebase-admin")
admin.initializeApp()
module.exports = admin.firestore()
http / studio.js
const db = require("../db")
const error = require("./error")
exports.add = (req, res) => {
const { data } = req.body
if (!data) {
return error.no_data(res)
}
return db
.collection("data")
.doc("studio")
.update({ values: admin.firestore.FieldValue.arrayUnion(data) })
.then(res.status(200).send("Data updated successfully"))
.catch(err => error.updating(res, err))
}
答案 0 :(得分:0)
我能够通过更新index.js代码来修复,以包括允许的来源列表。
const functions = require("firebase-functions")
const express = require("express")
const app = express()
const cors = require("cors")({ origin: true })
var allowedOrigins = ["https://domainone", "https://domaintwo"]
app.use(
cors({
origin: function(origin, callback) {
if (!origin) return callback(null, true)
if (allowedOrigins.indexOf(origin) === -1) {
var msg = "The CORS policy for this site does not " + "allow access from the specified Origin."
return callback(new Error(msg), false)
}
return callback(null, true)
}
})
)
const studio = require("./http/studio.js")
app.post("/api/admin/studio", studio.add)
exports.app = functions.https.onRequest(app)