为什么我仍然在我的Meteor API中获得'Access-Control-Allow-Origin'?

时间:2014-12-05 07:40:54

标签: ajax api meteor cross-domain

我收到此错误:

XMLHttpRequest cannot load http://xyz.meteor.com/api/posts/b7shrmshYZ85wsFLZ. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://www.jquery.com' is therefore not allowed access.

即使我已经在我的代码中写了这个错误,我仍然会收到此错误。

this.response.setHeader("Access-Control-Allow-Origin", "*");
this.response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");

我有什么东西在这里失踪吗?我从以下代码获取代码:

https://github.com/awatson1978/rest-api

但是我已经大量修改了路径以使其更加RESTful。

//==============================================================================
// the following is a REST API that only uses the POST portion of the HTTP protocol
// and is suitable for automated browser testing

// be aware that POSTS refers to the HTTP protocol
// while 'posts' and 'Posts' refers to the weblog example used in the Meteor Cookbook
// this particular example has a slight bit of name-collision occurring


// api:      http://localhost:3000/api/posts
// example:  http://localhost:3000/api/posts
Router.route('/api/posts', function(){
  if (this.request.method == 'GET') {
    this.response.statusCode = 200;
    this.response.setHeader("Content-Type", "application/json");
    this.response.setHeader("Access-Control-Allow-Origin", "*");
    this.response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
    this.response.end(JSON.stringify(
      Posts.find().fetch()
    ));
  } else if (this.request.method == 'POST') {
    this.response.statusCode = 200;
    this.response.setHeader("Content-Type", "application/json");
    this.response.setHeader("Access-Control-Allow-Origin", "*");
    this.response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
    this.response.end(JSON.stringify(
      Posts.insert(this.request.body)
    ));
  } else {
    this.response.statusCode = 405;
    this.response.end("Invalid Request Type");
  };
}, {where: 'server'});

// api:      http://localhost:3000/api/posts/:postId
// example:  http://localhost:3000/api/posts/314159
Router.route('/api/posts/:postId', function(){
  if (!Posts.findOne({_id: this.params.postId})) {
    this.response.statusCode = 404;
    this.response.end("Invalid Request Type");
  } else if (this.request.method == 'GET') {
    this.response.statusCode = 200;
    this.response.setHeader("Content-Type", "application/json");
    this.response.setHeader("Access-Control-Allow-Origin", "*");
    this.response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
    this.response.end(JSON.stringify(
      Posts.findOne({_id: this.params.postId })
    ));
  } else if (this.request.method == 'PUT') {
    Posts.update({_id: this.params.postId },{$set: this.request.body});
    this.response.statusCode = 200;
    this.response.setHeader("Content-Type", "application/json");
    this.response.setHeader("Access-Control-Allow-Origin", "*");
    this.response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
    this.response.end(JSON.stringify(
      Posts.findOne({_id: this.params.postId })
    ));
  } else if (this.request.method == 'DELETE') {
    this.response.statusCode = 200;
    this.response.setHeader("Content-Type", "application/json");
    this.response.setHeader("Access-Control-Allow-Origin", "*");
    this.response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
    this.response.end(JSON.stringify(
      Posts.remove({_id: this.params.postId })
    ));
  } else {
    this.response.statusCode = 405;
    this.response.end("Invalid Request Type");
  };
}, {where: 'server'});

Router.route('/api/posts/search/:user', function(){
  if (this.request.method == 'GET') {
    this.response.statusCode = 200;
    this.response.setHeader("Content-Type", "application/json");
    this.response.setHeader("Access-Control-Allow-Origin", "*");
    this.response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
    this.response.end(JSON.stringify(
      Posts.find( { user: this.params.user } ).fetch()
    ));
  } else {
    this.response.statusCode = 405;
  };
}, {where: 'server'});

编辑:

没关系,明白了。我失踪了,需要大量的重构:

this.request.method == 'OPTIONS' 

//==============================================================================
// the following is a vanilla REST API that uses the entire HTTP protocol

// api:      http://localhost:3000/api/posts
// example:  http://localhost:3000/api/posts

// api:      http://localhost:3000/api/posts/:postId
// example:  http://localhost:3000/api/posts/12345

// api:      http://localhost:3000/api/posts/search/:username
// example:  http://localhost:3000/api/posts/search/bill

Router.route('/api/posts', function(){
  // console.log('################################################');
  // console.log(this.request.method);
  // console.log(this.request.headers);
  // console.log('this.params.postId: ' + this.params.postId);
  //
  // console.log('------------------------------');
  // console.log(this.request.body);
  // console.log('------------------------------');

  this.response.statusCode = 200;
  this.response.setHeader("Content-Type", "application/json");
  this.response.setHeader("Access-Control-Allow-Origin", "*");
  this.response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");

  if (this.request.method == 'GET') {
    Statistics.update({_id: "configuration"},{$inc:{
      total_count: 1,
      list_count: 1
    }});
    this.response.end(JSON.stringify(
      Posts.find().fetch()
    ));
  } else if (this.request.method == 'POST') {
    Statistics.update({_id: "configuration"},{$inc:{
      total_count: 1,
      insert_count: 1
    }});
    this.response.end(JSON.stringify(
      Posts.insert(this.request.body)
    ));
  } else if (this.request.method == 'OPTIONS') {
    this.response.setHeader("Access-Control-Allow-Methods", "POST, PUT, GET, DELETE, OPTIONS");
    this.response.end("OPTIONS Response");
  }
}, {where: 'server'});


Router.route('/api/posts/:postId', function(){
  // console.log('################################################');
  // console.log(this.request.method);
  // console.log(this.request.headers);
  // console.log('this.params.postId: ' + this.params.postId);
  //
  // console.log('------------------------------');
  // console.log(this.request.body);
  // console.log('------------------------------');

  this.response.statusCode = 200;
  this.response.setHeader("Content-Type", "application/json");
  this.response.setHeader("Access-Control-Allow-Origin", "*");
  this.response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");

  //Access-Control-Allow-Origin: http://foo.example
  //Access-Control-Allow-Methods: POST, GET, OPTIONS
  //Access-Control-Allow-Headers: X-PINGOTHER

  if (this.request.method == 'GET') {
    Statistics.update({_id: "configuration"},{$inc:{
      total_count: 1,
      get_count: 1
    }});
    this.response.end(JSON.stringify(
      Posts.findOne({_id: this.params.postId })
    ));
  } else if (this.request.method == 'PUT') {
    Statistics.update({_id: "configuration"},{$inc:{
      total_count: 1,
      update_count: 1
    }});
    this.response.end(JSON.stringify(
      Posts.update({_id: this.params.postId},{$set: this.request.body})
    ));
  } else if (this.request.method == 'DELETE') {
    Statistics.update({_id: "configuration"},{$inc:{
      total_count: 1,
      delete_count: 1
    }});
    this.response.end(JSON.stringify(
      Posts.remove({_id: this.params.postId })
    ));
  } else if (this.request.method == 'OPTIONS') {
    this.response.setHeader("Access-Control-Allow-Methods", "POST, PUT, GET, DELETE, OPTIONS");
    this.response.end("OPTIONS Response With Parameter");
  }
}, {where: 'server'});

Router.route('/api/posts/search/:user', function(){
  // console.log('################################################');
  // console.log(this.request.method);
  // console.log(this.request.headers);
  // console.log('this.params.postId: ' + this.params.postId);
  //
  // console.log('------------------------------');
  // console.log(this.request.body);
  // console.log('------------------------------');

  this.response.statusCode = 200;
  this.response.setHeader("Content-Type", "application/json");
  this.response.setHeader("Access-Control-Allow-Origin", "*");
  this.response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");

  //Access-Control-Allow-Origin: http://foo.example
  //Access-Control-Allow-Methods: POST, GET, OPTIONS
  //Access-Control-Allow-Headers: X-PINGOTHER

  if (this.request.method == 'GET') {
    Statistics.update({_id: "configuration"},{$inc:{
      total_count: 1,
      get_count: 1
    }});
    this.response.end(JSON.stringify(
      Posts.find( { user: this.params.user } ).fetch()
    ));
  };
}, {where: 'server'});

1 个答案:

答案 0 :(得分:1)

没关系,明白了。我错过了这个:

this.request.method == 'OPTIONS'

我的代码也需要大量的重构。

//==============================================================================
// the following is a REST API that only uses the POST portion of the HTTP protocol
// and is suitable for automated browser testing

// be aware that POSTS refers to the HTTP protocol
// while 'posts' and 'Posts' refers to the weblog example used in the Meteor Cookbook
// this particular example has a slight bit of name-collision occurring


// api:      http://localhost:3000/api/posts
// example:  http://localhost:3000/api/posts
Router.route('/api/posts', function(){
  if (this.request.method == 'GET') {
    this.response.statusCode = 200;
    this.response.setHeader("Content-Type", "application/json");
    this.response.setHeader("Access-Control-Allow-Origin", "*");
    this.response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
    this.response.end(JSON.stringify(
      Posts.find().fetch()
    ));
  } else if (this.request.method == 'POST') {
    this.response.statusCode = 200;
    this.response.setHeader("Content-Type", "application/json");
    this.response.setHeader("Access-Control-Allow-Origin", "*");
    this.response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
    this.response.end(JSON.stringify(
      Posts.insert(this.request.body)
    ));
  } else {
    this.response.statusCode = 405;
    this.response.end("Invalid Request Type");
  };
}, {where: 'server'});

// api:      http://localhost:3000/api/posts/:postId
// example:  http://localhost:3000/api/posts/314159
Router.route('/api/posts/:postId', function(){
  if (!Posts.findOne({_id: this.params.postId})) {
    this.response.statusCode = 404;
    this.response.end("Invalid Request Type");
  } else if (this.request.method == 'GET') {
    this.response.statusCode = 200;
    this.response.setHeader("Content-Type", "application/json");
    this.response.setHeader("Access-Control-Allow-Origin", "*");
    this.response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
    this.response.end(JSON.stringify(
      Posts.findOne({_id: this.params.postId })
    ));
  } else if (this.request.method == 'PUT') {
    Posts.update({_id: this.params.postId },{$set: this.request.body});
    this.response.statusCode = 200;
    this.response.setHeader("Content-Type", "application/json");
    this.response.setHeader("Access-Control-Allow-Origin", "*");
    this.response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
    this.response.end(JSON.stringify(
      Posts.findOne({_id: this.params.postId })
    ));
  } else if (this.request.method == 'DELETE') {
    this.response.statusCode = 200;
    this.response.setHeader("Content-Type", "application/json");
    this.response.setHeader("Access-Control-Allow-Origin", "*");
    this.response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
    this.response.end(JSON.stringify(
      Posts.remove({_id: this.params.postId })
    ));
  } else {
    this.response.statusCode = 405;
    this.response.end("Invalid Request Type");
  };
}, {where: 'server'});

Router.route('/api/posts/search/:user', function(){
  if (this.request.method == 'GET') {
    this.response.statusCode = 200;
    this.response.setHeader("Content-Type", "application/json");
    this.response.setHeader("Access-Control-Allow-Origin", "*");
    this.response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
    this.response.end(JSON.stringify(
      Posts.find( { user: this.params.user } ).fetch()
    ));
  } else {
    this.response.statusCode = 405;
  };
}, {where: 'server'});
EDIT:

Nevermind, figured it out. I was missing and needed a LOT of refactoring:

this.request.method == 'OPTIONS'

//==============================================================================
// the following is a vanilla REST API that uses the entire HTTP protocol

// api:      http://localhost:3000/api/posts
// example:  http://localhost:3000/api/posts

// api:      http://localhost:3000/api/posts/:postId
// example:  http://localhost:3000/api/posts/12345

// api:      http://localhost:3000/api/posts/search/:username
// example:  http://localhost:3000/api/posts/search/bill

Router.route('/api/posts', function(){
  // console.log('################################################');
  // console.log(this.request.method);
  // console.log(this.request.headers);
  // console.log('this.params.postId: ' + this.params.postId);
  //
  // console.log('------------------------------');
  // console.log(this.request.body);
  // console.log('------------------------------');

  this.response.statusCode = 200;
  this.response.setHeader("Content-Type", "application/json");
  this.response.setHeader("Access-Control-Allow-Origin", "*");
  this.response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");

  if (this.request.method == 'GET') {
    Statistics.update({_id: "configuration"},{$inc:{
      total_count: 1,
      list_count: 1
    }});
    this.response.end(JSON.stringify(
      Posts.find().fetch()
    ));
  } else if (this.request.method == 'POST') {
    Statistics.update({_id: "configuration"},{$inc:{
      total_count: 1,
      insert_count: 1
    }});
    this.response.end(JSON.stringify(
      Posts.insert(this.request.body)
    ));
  } else if (this.request.method == 'OPTIONS') {
    this.response.setHeader("Access-Control-Allow-Methods", "POST, PUT, GET, DELETE, OPTIONS");
    this.response.end("OPTIONS Response");
  }
}, {where: 'server'});


Router.route('/api/posts/:postId', function(){
  // console.log('################################################');
  // console.log(this.request.method);
  // console.log(this.request.headers);
  // console.log('this.params.postId: ' + this.params.postId);
  //
  // console.log('------------------------------');
  // console.log(this.request.body);
  // console.log('------------------------------');

  this.response.statusCode = 200;
  this.response.setHeader("Content-Type", "application/json");
  this.response.setHeader("Access-Control-Allow-Origin", "*");
  this.response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");

  //Access-Control-Allow-Origin: http://foo.example
  //Access-Control-Allow-Methods: POST, GET, OPTIONS
  //Access-Control-Allow-Headers: X-PINGOTHER

  if (this.request.method == 'GET') {
    Statistics.update({_id: "configuration"},{$inc:{
      total_count: 1,
      get_count: 1
    }});
    this.response.end(JSON.stringify(
      Posts.findOne({_id: this.params.postId })
    ));
  } else if (this.request.method == 'PUT') {
    Statistics.update({_id: "configuration"},{$inc:{
      total_count: 1,
      update_count: 1
    }});
    this.response.end(JSON.stringify(
      Posts.update({_id: this.params.postId},{$set: this.request.body})
    ));
  } else if (this.request.method == 'DELETE') {
    Statistics.update({_id: "configuration"},{$inc:{
      total_count: 1,
      delete_count: 1
    }});
    this.response.end(JSON.stringify(
      Posts.remove({_id: this.params.postId })
    ));
  } else if (this.request.method == 'OPTIONS') {
    this.response.setHeader("Access-Control-Allow-Methods", "POST, PUT, GET, DELETE, OPTIONS");
    this.response.end("OPTIONS Response With Parameter");
  }
}, {where: 'server'});

Router.route('/api/posts/search/:user', function(){
  // console.log('################################################');
  // console.log(this.request.method);
  // console.log(this.request.headers);
  // console.log('this.params.postId: ' + this.params.postId);
  //
  // console.log('------------------------------');
  // console.log(this.request.body);
  // console.log('------------------------------');

  this.response.statusCode = 200;
  this.response.setHeader("Content-Type", "application/json");
  this.response.setHeader("Access-Control-Allow-Origin", "*");
  this.response.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");

  //Access-Control-Allow-Origin: http://foo.example
  //Access-Control-Allow-Methods: POST, GET, OPTIONS
  //Access-Control-Allow-Headers: X-PINGOTHER

  if (this.request.method == 'GET') {
    Statistics.update({_id: "configuration"},{$inc:{
      total_count: 1,
      get_count: 1
    }});
    this.response.end(JSON.stringify(
      Posts.find( { user: this.params.user } ).fetch()
    ));
  };
}, {where: 'server'});
相关问题
最新问题