Plupload跨域名上传200 http错误

时间:2014-02-24 12:40:47

标签: html5 firefox internet-explorer-8 cross-domain plupload

我想使用plupload库将文件上传到远程服务器。一切都适用于使用html5运行时的Chrome(32.0)和IE 10,但是当我尝试使用Firefox 27(html5运行时)或IE 8(html4运行时)时,我收到错误Error #-200: HTTP Error.

客户端脚本:

$(function() {
var uploader = new plupload.Uploader({
    browse_button: 'browse',
    url: 'https://remote.com/API/action.php',
    runtimes : 'html5,flash,silverlight,html4',
    flash_swf_url : './js/Moxie.swf',
    silverlight_xap_url : './js/Moxie.xap'
});

uploader.init();
uploader.settings.multipart_params = { 
       [...]
};

// PreInit events, bound before any internal events
uploader.bind('init', function(up, info) {
        console.log('[Init]', 'Info:', info, 'Features:', up.features);
        alert(info['runtime']);
});

uploader.bind('Error', function(up, err) {
    document.getElementById('console').innerHTML += "\nError #" + err.code + ": " + err.message;
});

document.getElementById('start-upload').onclick = function() {
    uploader.start();
};

});

Chrome首次请求:

Request URL:https://remote.com/API/action.php
Request Method:OPTIONS
Status Code:200 OK

Chrome的第二次请求:

Request URL:https://remote.com/API/action.php
Request Method:POST
Status Code:200 OK

请求标题

Accept:*/*
Accept-Encoding:gzip,deflate,sdch
Accept-Language:fr-FR,fr;q=0.8,en-US;q=0.6,en;q=0.4
Access-Control-Request-Headers:content-type
Access-Control-Request-Method:POST
Cache-Control:no-cache
Connection:keep-alive
Host:hipt.ucc.ie
Origin:http://server.com
Pragma:no-cache
Referer: XXX
User-Agent:Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/32.0.1700.107 Safari/537.36

响应标头

Access-Control-Allow-Headers:Content-Type, Authorization, X-Requested-With
Access-Control-Allow-Methods:GET, PUT, POST, DELETE, OPTIONS
Access-Control-Allow-Origin:*
Access-Control-Max-Age:1000
Cache-Control:no-cache
Connection:close
Content-Length:5
Content-Type:text/html; charset=UTF-8
Date:Mon, 24 Feb 2014 11:57:54 GMT
Server:Apache/2.2.3 (CentOS)
X-Powered-By:PHP/5.1.6

Serverside脚本:

<?php

header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, PUT, POST, DELETE, OPTIONS');
header('Cache-Control: no-cache');
header('Access-Control-Max-Age: 1000');
header('Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With');

if (!empty($_FILES)) {

使用Firefox,使用OPTIONS方法对请求的响应为空,并且没有POST次请求。

以下是Firefox标题:

Firefox headers

我无法弄清楚为什么它不适用于Firefox和IE8。

感谢您的帮助。

[编辑]我刚尝试使用Flash运行时:同样适用于Chrome和IE 10但不适用于Firefox和IE8。奇怪的是,alert(info['runtime']);没有出现,但控制台中没有javascript错误......

4 个答案:

答案 0 :(得分:0)

有用的链接,用于Plupload跨域名上传200 http错误:

1: http://weblog.west-wind.com/posts/2013/Mar/12/Using-plUpload-to-upload-Files-with-ASPNET

2: http://www.bennadel.com/blog/2502-Uploading-Files-To-Amazon-S3-Using-Plupload-And-ColdFusion.htm

3: http://www.plupload.com/punbb/viewtopic.php?id=4000

4: https://github.com/moxiecode/plupload/wiki/Frequently-Asked-Questions

plupload还设置了Content-Type标头,因此您的服务器也必须使用Access-Control-Allow-Headers: Content-Type进行响应,否则对CORS的OPTIONS请求将失败。

如果您需要对此进行调试,Google Chrome中的Web Inspector在指出哪个是您的CORS请求失败的原因方面做得相当不错。

答案 1 :(得分:0)

好的,所以我终于找出了它无法正常工作的原因。我使用wireshark检查过,我注意到有一个encrypted alert

然后我使用http://www.sslshopper.com/ssl-checker.html检查远程服务器的证书并得到了这个答案:

  

所有网络浏览器都不信任该证书。您可能需要安装中间/链证书才能将其链接到受信任的根证书。详细了解此错误。解决此问题的最快方法是联系您的SSL提供商。

我必须添加一个例外,它最终工作了\ o /

答案 2 :(得分:0)

当您收到服务器端500错误时,也会引发此错误。例如,如果程序中存在语法错误(或致命的运行时错误)。

答案 3 :(得分:0)

我遇到了同样的问题,但我清楚地知道问题出在 csrf 令牌中。 解决方法如下:

HTML:

<HTML>

<body>
<p>your template content</p>

<!-- upload demo -->
<ul id="filelist"></ul>
<br />
<pre id="console"></pre>
<div id="container">
<a id="browse" href="javascript:;">[Browse...]</a>
{% csrf_token %} <!-- it may be places elsewhere in HTML -->
<a id="start-upload" href="javascript:;">[Start Upload]</a>
</div>
<!-- upload demo end -->

<p>your template cont'd</p>

<script type="text/javascript">
// function to get your crsf token from the cookie
function getCookie(name) {
    let cookieValue = null;
    if (document.cookie && document.cookie !== '') {
        const cookies = document.cookie.split(';');
        for (let i = 0; i < cookies.length; i++) {
            const cookie = cookies[i].trim();
            // Does this cookie string begin with the name we want?
            if (cookie.substring(0, name.length + 1) === (name + '=')) {
                cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
                break;
            }
        }
    }
    return cookieValue;
}

const crsf = getCookie('csrftoken');

var uploader = new plupload.Uploader({
    browse_button: 'browse', // this can be an id of a DOM element or the DOM element itself
    url: '/upload/',
   chunk_size: '822kb',
   headers: {'X-CSRFToken': crsf}, // here we add token to a header
   max_retries: 1
});
 
uploader.init();

<!-- and so on -->

</script>
</body>
</HTML>

#urls.py
urlpatterns = [
    ...
    path(route='upload/', view=Upload.as_view(), name='upload'),

#views.py
class Upload(View):

    def post(self, request):
        print('got upload post request')
        print(request.headers)
        ## do with the chunk whatever you need...
        return HttpResponse('email good, thank you!', status=200)

这里的例子: https://www.plupload.com/docs/v2/Getting-Started#wiki-full-example

您可以在此处阅读有关设置的信息: https://www.plupload.com/docs/v2/Uploader#settings-property

它与 Django 2.1+ 中的 post() 方法一起使用

相关问题
最新问题