我正在尝试在节点js中运行服务器,它实际上是一个graphql服务器。我只是从客户端调用JS的反应方法
客户端在localhost:3000中运行,服务器端在localhost:4000
中运行客户端代码
var dice = 3;
var sides = 6;
var xhr = new XMLHttpRequest();
xhr.responseType = 'json';
xhr.open("POST", "http://localhost:4000/graphql");
xhr.setRequestHeader("Content-Type", "application/json");
xhr.setRequestHeader("Accept", "application/json");
xhr.onload = function () {
debugger;
console.log('data returned:', xhr.response);
}
var query = `query RollDice($dice: Int!, $sides: Int) {
rollDice(numDice: $dice, numSides: $sides)
}`;
xhr.send(JSON.stringify({
query: query,
variables: { dice: dice, sides: sides },
}));
并且在服务器端我正在使用以下代码
var express = require('express');
var graphqlHTTP = require('express-graphql');
var { buildSchema } = require('graphql');
// Construct a schema, using GraphQL schema language
var schema = buildSchema(`
type Query {
rollDice(numDice: Int!, numSides: Int): [Int]
}
`);
// The root provides a resolver function for each API endpoint
var root = {
rollDice: function ({numDice, numSides}) {
var output = [];
for (var i = 0; i < numDice; i++) {
output.push(1 + (numSides *3));
}
return output;
}
};
var app = express();
//CORS middleware
app.use(function (req, res, next) {
// Website you wish to allow to connect
res.setHeader('Access-Control-Allow-Origin', 'http://localhost:3000');
// Request methods you wish to allow
res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE');
// Request headers you wish to allow
res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,content-type');
// Set to true if you need the website to include cookies in the requests sent
// to the API (e.g. in case you use sessions)
res.setHeader('Access-Control-Allow-Credentials', true);
// Pass to next layer of middleware
next();
});
app.use('/graphql', graphqlHTTP({
schema: schema,
rootValue: root,
graphiql: true,
}));
app.listen(4000);
console.log('Running a GraphQL API server at localhost:4000/graphql');
我得到的错误是
XMLHttpRequest无法加载http://localhost:4000/graphql。预检的响应具有无效的HTTP状态代码405
我有什么遗漏......
感谢。
答案 0 :(得分:1)
您需要通过正确回应OPTIONS请求来处理CORS代码中的飞行前请求(OPTIONS):
function (req, res, next) {
// Website you wish to allow to connect
res.setHeader('Access-Control-Allow-Origin', 'http://localhost:3000');
// Request methods you wish to allow
res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE');
// Request headers you wish to allow
res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,content-type');
// Set to true if you need the website to include cookies in the requests sent
// to the API (e.g. in case you use sessions)
res.setHeader('Access-Control-Allow-Credentials', true);
// Pass to next layer of middleware
if (req.method === "OPTIONS") {
return res.status(200).end();
}
return next();
}