首先,我要说我已尝试过大量已在此处发布的解决方案。它们似乎都不适合我。我意识到我的问题源于CORS和我的rails应用程序无法正确处理。但是,我不太清楚如何纠正这个问题。我希望这里有人可以解决这个问题。
相关代码摘要:
Rails application_controler.rb
class ApplicationController < ActionController::Base
protect_from_forgery
#before_filter :cors_preflight_check
before_filter :allow_cross_domain_access
after_filter :cors_set_access_control_headers
# For all responses in this controller, return the CORS access control headers.
def cors_set_access_control_headers
headers['Access-Control-Allow-Origin'] = '*'
headers['Access-Control-Allow-Methods'] = 'POST, GET, OPTIONS'
headers['Access-Control-Max-Age'] = "1728000"
end
def cors_preflight_check
if request.method == :options
headers['Access-Control-Allow-Origin'] = '*'
headers['Access-Control-Allow-Methods'] = 'POST, GET, OPTIONS'
headers['Access-Control-Allow-Headers'] = 'X-Requested-With, X-Prototype-Version'
headers['Access-Control-Max-Age'] = '1728000'
render :text => '', :content_type => 'text/plain'
end
end
def allow_cross_domain_access
headers['Access-Control-Allow-Origin'] = '*'# http://localhost:9000
headers['Access-Control-Allow-Headers'] = 'GET, POST, PUT, DELETE, OPTIONS'
headers['Access-Control-Allow-Methods'] = %w{Origin Accept Content-Type X-Requested-With X-CSRF-Token}.join(',')
headers['Access-Control-Max-Age'] = '1728000'
end
end
Angular App.js
]).config(function($httpProvider){
delete $httpProvider.defaults.headers.common['X-Requested-With'];
});
function loginCtrl ($scope,$http) {
$scope.master = {};
$scope.isUnchanged = function(user) {
return angular.equals(user, $scope.master);
};
$scope.login = function (user) {
$http({
method: 'POST',
/*url: 'http://localhost/test/quote.php',*/
url: 'http://localhost:3000/api/sessions/',
data: user
}).success(function(data)
{
alert("call phonegap store data function:" + data.access_token)
}).error(function (data, status, headers, config) {
alert("error" )
});
};
}
来自chorme的错误消息
OPTIONS http://localhost:3000/api/sessions/ 404 (Not Found) angular.js:6730
OPTIONS http://localhost:3000/api/sessions/ Origin http://localhost is not allowed by Access-Control-Allow-Origin. angular.js:6730
XMLHttpRequest cannot load http://localhost:3000/api/sessions/. Origin http://localhost is not allowed by Access-Control-Allow-Origin.
来自rails服务器的错误消息
Started OPTIONS "/api/sessions/" for 127.0.0.1 at 2013-11-03 22:30:54 -0500
ActionController::RoutingError (uninitialized constant SessionsController):
activesupport (3.2.13) lib/active_support/inflector/methods.rb:230:in
`block in constantize'
activesupport (3.2.13) lib/active_support/inflector/methods.rb:229:in `each'
activesupport (3.2.13) lib/active_support/inflector/methods.rb:229:in `constantize'
actionpack (3.2.13) lib/action_dispatch/routing/route_set.rb:69:in `controller
_reference' .....
....C:/Ruby/lib/ruby/2.0.0/webrick/httpserver.rb:138:in `service'
C:/Ruby/lib/ruby/2.0.0/webrick/httpserver.rb:94:in `run'
C:/Ruby/lib/ruby/2.0.0/webrick/server.rb:295:in `block in start_thread'
Rendered C:/Ruby/lib/ruby/gems/2.0.0/gems/actionpack-
3.2.13/lib/action_dispatch/middleware/templates/rescues/routing_error.erb within
rescues/layout (0.0ms)
非常感谢任何帮助!
答案 0 :(得分:3)
我明白了。
after_filter :cors_set_access_control_headers
# For all responses in this controller, return the CORS access control headers.
def cors_set_access_control_headers
headers['Access-Control-Allow-Origin'] = '*'
headers['Access-Control-Allow-Methods'] = 'POST, GET, OPTIONS'
headers['Access-Control-Allow-Headers'] = %w{Origin Accept Content-Type X-Requested-With X-CSRF-Token}.join(',')
headers['Access-Control-Max-Age'] = "1728000"
end
我把上面的代码放在我的基本控制器中,我的所有api控制器都继承自。问题是复制和粘贴解决方案。 ALLOW-headers和Allow-Methods值被反转。修好了。
答案 1 :(得分:0)
因此,如果我理解正确,您的rails应用程序正在localhost:3000上运行,提供角度应用程序,而该应用程序又从localhost:80请求。在这种情况下,您需要在localhost:80上使用Access-Control-Allow-Origin。
答案 2 :(得分:0)
我可以看到你找到了解决问题的方法,但我只想指出你的allow_cross_domain_access方法中你的allow-headers和allow-methods也是混淆的。
你有:
def allow_cross_domain_access
headers['Access-Control-Allow-Origin'] = '*'
headers['Access-Control-Allow-Headers'] = 'GET, POST, PUT, DELETE, OPTIONS'
headers['Access-Control-Allow-Methods'] = %w{Origin Accept Content-Type X-Requested-With X-CSRF-Token}.join(',')
headers['Access-Control-Max-Age'] = '1728000'
end
应该是:
def allow_cross_domain_access
headers['Access-Control-Allow-Origin'] = '*'
headers['Access-Control-Allow-Methods'] = 'GET, POST, PUT, DELETE, OPTIONS'
headers['Access-Control-Allow-Headers'] = %w{Origin Accept Content-Type X-Requested-With X-CSRF-Token}.join(',')
headers['Access-Control-Max-Age'] = '1728000'
end
希望有所帮助:)