Question

我在本地针对DocumentDB模拟器测试一些代码，并且REST API调用没有通过。我从Chrome收到以下错误：

XMLHttpRequest cannot load https://localhost:8081/dbs.
Response to preflight request doesn't pass access control check: 
No 'Access-Control-Allow-Origin' header is present on the requested resource. 
Origin 'null' is therefore not allowed access. The response had HTTP status code 401.

我的代码位于本地文件中，我还使用DocumentDbEmulatorCertificate创建了一个本地IIS站点。这两个都收到同样的错误。

Fiddler工作正常但以下请求返回数据库列表：

User-Agent: Fiddler
x-ms-date: Thu, 16 Feb 2017 00:32:08 GMT
Authorization: type%3dmaster%26ver%3d1.0%26sig%3dbpV9cfJJaOpXeGYwTxM8u3LtODh61EbiKw74d%2bnZCdY%3d
x-ms-version: 2016-07-11
Cache-Control: no-cache
Accept: application/json
Content-Type: application/json
Host: localhost:8081

我用来发出请求的代码如下：

<button onclick="db.getList()">Get DBs</button>

＆＃13;

var res = document.getElementById("resultText");

        var db = {
            getList: function () {

                let stamp = "Thu, 16 Feb 2017 00:32:08 GMT";
                let token =
                    "type%3dmaster%26ver%3d1.0%26sig%3dbpV9cfJJaOpXeGYwTxM8u3LtODh61EbiKw74d%2bnZCdY%3d";

                res.innerText = '> New request...\r> ' + new Date() + "\r";
                request.send("GET", "https://localhost:8081/dbs", null, stamp, token, function (data) {
                    res.innerText += "> " + data + "\r";
                });
            }
        };

        var request = {
            send: function (method, url, data, stamp, token, callback) {
                var xhttp = new XMLHttpRequest();
                xhttp.onreadystatechange = function () {
                    if (this.readyState == 4 && this.status == 200) {
                        callback(this.responseText);
                    } else
                    if (this.readyState == 4 && this.status != 200) {
                        res.innerText += "> " + this.status + ': ' + this.responseText + "\r";
                    }
                };
                xhttp.open(method, url, true);
                xhttp.setRequestHeader("x-ms-date", stamp);
                xhttp.setRequestHeader("Authorization", token);
                xhttp.setRequestHeader('x-ms-version', '2016-07-11');
                xhttp.setRequestHeader("Cache-Control", "no-cache");
                xhttp.setRequestHeader('Accept', 'application/json');
                //xhttp.setRequestHeader("Content-Type", "application/json");
                //xhttp.withCredentials = true;
                xhttp.onerror = function (e) {
                    res.innerText += '> There was an error!\r';
                };

                xhttp.send(data);
            },
        };

        res.innerText += '> Ready\r';

＆＃13;

body {
  padding: 1em;
  font-size: 1em;
  font-family: sans-serif;
}

#resultText {
  border: 1px solid silver;
  padding: 1em;
  font-size: 0.7em;
  font-family: Courier New, Courier, monospace;
}

＆＃13;

<!DOCTYPE html>
<html>

<head>
    <title>DocumentDB REST API Test</title>
    <meta http-equiv="Content-type" content="text/html; charset=utf-8">
    <meta name="viewport" content="width=device-width, initial-scale=1, user-scalable=no">
</head>

<body>
    <h3>Document DB</h3>
    Requests
    <p>
        <button onclick="db.getList()">Get DBs</button>
    </p>
    <div id="resultText"></div>
 </body>

＆＃13;

或许我想知道为什么会遇到CORS问题？当然，我可以通过模拟器拨打本地电话吗？

Answer 1

这是由您的浏览器而不是本地模拟器强制执行的。你可以

尝试重新启动浏览器并停用网络安全功能。对于Chrome，所需的标记为--disable-web-security --user-data-dir。如果有效，那么你应该......
导航至chrome://net-internals/#hsts并从需要了解密码的域列表中删除localhost

此外，下载最新版本的DocumentDB模拟器。

DocumentDB Emulator REST API

1 个答案: