Question

我有一个nodejs / expressjs Web API项目设置，当我使用curl测试时，它可以正常工作。

以下是本地电话的输出：

dc-designer-client git:(master) curl -H "Origin: http://example.com" -H "Access-Control-Request-Method: GET" -H "Access-Control-Request-Headers: X-Requested-With" -X OPTIONS --verbose http://0.0.0.0:3000/api/grid
* Hostname was NOT found in DNS cache
*   Trying 0.0.0.0...
* Connected to 0.0.0.0 (127.0.0.1) port 3000 (#0)
> OPTIONS /api/grid HTTP/1.1
> User-Agent: curl/7.37.1
> Host: 0.0.0.0:3000
> Accept: */*
> Origin: http://example.com
> Access-Control-Request-Method: GET
> Access-Control-Request-Headers: X-Requested-With
>
< HTTP/1.1 200 OK
< X-Powered-By: Express
< Access-Control-Allow-Origin: *
< Access-Control-Allow-Methods: GET,PUT,POST,DELETE,OPTIONS
< Access-Control-Allow-Headers: Content-Type, Authorization, Content-Length, X-Requested-With, *
< Content-Type: text/plain; charset=utf-8
< Content-Length: 2
< ETag: W/"2-4KoCHiHd29bYzs7HHpz1ZA"
< Date: Mon, 06 Jul 2015 01:24:01 GMT
< Connection: keep-alive
<
* Connection #0 to host 0.0.0.0 left intact

然而，当我部署到azure并尝试执行相同的curl语句时，它给了我以下内容：

dc-designer-server git:(master) curl -H "Origin: http://example.com" -H "Access-Control-Request-Method: GET" -H "Access-Control-Request-Headers: X-Requested-With" -X OPTIONS --verbose http://dc-server.azurewebsites.net/api/grid
* Hostname was NOT found in DNS cache
*   Trying 23.96.124.25...
* Connected to dc-server.azurewebsites.net (127.0.0.1) port 80 (#0)
> OPTIONS /api/grid HTTP/1.1
> User-Agent: curl/7.37.1
> Host: dc-server.azurewebsites.net
> Accept: */*
> Origin: http://example.com
> Access-Control-Request-Method: GET
> Access-Control-Request-Headers: X-Requested-With
>
* Empty reply from server
* Connection #0 to host dc-server.azurewebsites.net left intact
curl: (52) Empty reply from server

我确信这与iisnode和iis在azure上有关。我不知道的是如何配置Azure WebSite以允许OPTIONS预检检查传递到nodejs。

我的server.js代码正在使用cors npm包。当我配置nodejs和express时，此代码在本地工作，但似乎Azure上的IIS阻塞或导致我的代码出现问题。

是否有人使用iisnode配置Azure网站以允许进行CORS呼叫？

Answer 1

我在Azure网站上使用nodejs。我已经安装了cors包并启用了所有域的请求。 Azure仍在阻止CORS请求。

我更改了web.config（每个站点都有一个，如果一个不是部署的一部分，则创建一个）。根据此stackoverflow帖子：HTTP OPTIONS request on Azure Websites fails due to CORS

我的完整web.config - 我的网站有特定的设置，因此复制和粘贴它不会起作用。

<div>
    <h3>Nodes ...</h3>
    <br/><br/>
    <button type="button" onclick="func_node1()">Node 1</button>
    <button type="button" onclick="func_node2()">Node 2</button>
    <br/><hr/>
    <div id="display">
        <p id="p1"></p>
    </div>
</div>

复制此部分并将其插入关闭system.webServer 标记的正上方。

<?xml version="1.0" encoding="utf-8"?>
<!--
     This configuration file is required if iisnode is used to run node processes behind
     IIS or IIS Express.  For more information, visit:

     https://github.com/tjanczuk/iisnode/blob/master/src/samples/configuration/web.config
-->

<configuration>
  <system.webServer>
    <!-- Visit http://blogs.msdn.com/b/windowsazure/archive/2013/11/14/introduction-to-websockets-on-windows-azure-web-sites.aspx for more information on WebSocket support -->
    <webSocket enabled="false" />
    <handlers>
      <!-- Indicates that the server.js file is a node.js site to be handled by the iisnode module -->
      <add name="iisnode" path="transpiled/www.js" verb="*" modules="iisnode"/>
    </handlers>
    <rewrite>
      <rules>
        <!-- Do not interfere with requests for node-inspector debugging -->
        <rule name="NodeInspector" patternSyntax="ECMAScript" stopProcessing="true">
          <match url="^transpiled/www.js\/debug[\/]?" />
        </rule>

        <!-- First we consider whether the incoming URL matches a physical file in the /public folder -->
        <rule name="StaticContent">
          <action type="Rewrite" url="public{REQUEST_URI}"/>
        </rule>

        <!-- All other URLs are mapped to the node.js site entry point -->
        <rule name="DynamicContent">
          <conditions>
            <add input="{REQUEST_FILENAME}" matchType="IsFile" negate="True"/>
          </conditions>
          <action type="Rewrite" url="transpiled/www.js"/>
        </rule>
      </rules>
    </rewrite>

    <!-- 'bin' directory has no special meaning in node.js and apps can be placed in it -->
    <security>
      <requestFiltering>
        <hiddenSegments>
          <remove segment="bin"/>
        </hiddenSegments>
      </requestFiltering>
    </security>

    <!-- Make sure error responses are left untouched -->
    <httpErrors existingResponse="PassThrough" />

    <!--
      You can control how Node is hosted within IIS using the following options:
        * watchedFiles: semi-colon separated list of files that will be watched for changes to restart the server
        * node_env: will be propagated to node as NODE_ENV environment variable
        * debuggingEnabled - controls whether the built-in debugger is enabled

      See https://github.com/tjanczuk/iisnode/blob/master/src/samples/configuration/web.config for a full list of options
    -->
    <!--<iisnode watchedFiles="web.config;*.js"/>-->

    <httpProtocol>
        <customHeaders>
            <add name="Access-Control-Allow-Origin" value="*" />
            <add name="Access-Control-Allow-Methods" value="GET,POST,DELETE,HEAD,PUT,OPTIONS" />
            <add name="Access-Control-Allow-Headers" value="Origin, X-Olaround-Debug-Mode, Authorization, Accept" />
            <add name="Access-Control-Expose-Headers" value="X-Olaround-Debug-Mode, X-Olaround-Request-Start-Timestamp, X-Olaround-Request-End-Timestamp, X-Olaround-Request-Time, X-Olaround-Request-Method, X-Olaround-Request-Result, X-Olaround-Request-Endpoint" />
        </customHeaders>
    </httpProtocol>

  </system.webServer>
</configuration>

要获取web.config，您必须部署然后FTP到实例中。您可以通过单击＆＃34;下载发布配置文件＆＃34;从网站的信息中心链接。

打开文件，它是xml。

<httpProtocol>
    <customHeaders>
        <add name="Access-Control-Allow-Origin" value="*" />
        <add name="Access-Control-Allow-Methods" value="GET,POST,DELETE,HEAD,PUT,OPTIONS" />
        <add name="Access-Control-Allow-Headers" value="Origin, X-Olaround-Debug-Mode, Authorization, Accept" />
        <add name="Access-Control-Expose-Headers" value="X-Olaround-Debug-Mode, X-Olaround-Request-Start-Timestamp, X-Olaround-Request-End-Timestamp, X-Olaround-Request-Time, X-Olaround-Request-Method, X-Olaround-Request-Result, X-Olaround-Request-Endpoint" />
    </customHeaders>
</httpProtocol>

在FTP的publishProfile元素中，您可以找到网址，用户名和密码。完整地使用这些值，否则它将无法工作。

获得web.config后，进行更改并将其上传回网站。看看是否有效。它对我有用。

要使其继续工作，您需要将web.config添加到项目（或站点）的根目录。否则Azure会在每次部署时将其吹走。

Answer 2

事实证明，您无需修改Azure IISNode的默认web.config来处理CORS请求。

在我的server.js NodeJS代码中，我使用的是标准的CORS npm包。为了让我的CORS请求跨浏览器工作，我必须更改的是将我的请求的协议从“HTTP”更改为“HTTPS”。

完成此更改后，我可以使用任何浏览器以及使用curl测试我的WebAPI。

Answer 3

有一个样本here，用于设置前端和后端站点，并使用CORS进行设置。具体来说，this file具有逻辑。

话虽如此，这是一个.NET示例。因此，它表明它可以在Azure Web Apps上运行，但我不确定是否存在与IISNode相关的特殊注意事项。

iisnode和cors在azure网站上

3 个答案: