使用Scala在Ionic中的CORS问题(403)

时间:2017-04-11 19:04:39

标签: scala api ionic-framework cors ionic2

我在Ionic app中遇到问题。 Rest api是用Scala编写的,它在浏览器和邮递员的网站和Ionic应用程序中正常工作。但它不适用于App。当我点击那个API时,我正面临 403问题。 我试图更新scala配置文件

 cors {
  pathPrefixes = ["/api"]
  }

现在它在应用程序中工作正常,但在浏览器中却没有,该怎么办?这是API端或Ionic代码结束的问题吗?我的代码如下

let params = {"vendor._id":"1"};    
let headers = new Headers({
      "Content-Type": "application/json"
    });
    let options = new RequestOptions({
      headers: headers
    });

     this.http.post('apiurl',params, options)

1 个答案:

答案 0 :(得分:2)

这是Cordova的Play框架问题。以下链接将解释它:

https://forum.ionicframework.com/t/ionic-http-request-with-403-error-on-ipad-device/50269/3

<强> 原因:

Cordova通过标题Origin: file://…

发送请求

您可以查看此链接以解决此问题 Play! 2.4: How to allow CORS from origin file://

删除从Play框架导入的默认课程过滤器,并编写基于条件的过滤器:

import play.api.Logger
import play.api.libs.concurrent.Execution.Implicits.defaultContext
import play.api.mvc._
import play.mvc.Http

/**
  * Allow CORS from anywhere, any method
  */
class CORSFilter extends EssentialFilter {
  def apply(nextFilter: EssentialAction) = new EssentialAction {
    def apply(requestHeader: RequestHeader) = {
      nextFilter(requestHeader)
        .map { result =>
          if (requestHeader.method.equals("OPTIONS")) {
            Results.Ok.withHeaders(
              Http.HeaderNames.ACCESS_CONTROL_ALLOW_ORIGIN -> "*",
              Http.HeaderNames.ACCESS_CONTROL_ALLOW_HEADERS -> "Access-Control-Allow-Origin,X-Requested-With, Accept, Content-Type,application, idUser, access-control-allow-methods, token, access-control-allow-credentials, Authorization",
              Http.HeaderNames.ACCESS_CONTROL_ALLOW_METHODS -> "HEAD,GET,POST,PUT,PATCH,DELETE")
          } else {
            result.withHeaders(
              Http.HeaderNames.ACCESS_CONTROL_ALLOW_ORIGIN -> "*",
              Http.HeaderNames.ACCESS_CONTROL_ALLOW_HEADERS -> "X-Requested-With, Accept, Content-Type",
              Http.HeaderNames.ACCESS_CONTROL_ALLOW_METHODS -> "HEAD,GET,POST,PUT,PATCH,DELETE",
              Http.HeaderNames.ACCESS_CONTROL_EXPOSE_HEADERS -> "X-Custom-Header-To-Expose")
          }
        }
    }
  }
}