我遇到了解决问题的问题。我只能在API中使用get-methods。通常情况下,人们在CORS方面遇到了问题,但我甚至无法在同一个域中使用它。我已经尝试了很多,并且有一段时间它在localhost上使用相同的域。
但后来我修改了我的代码,但它没有用。此外,我似乎无法在req.body或req.params中获取我的POST请求中的参数。我也没有使用任何预检请求。
'use strict';
var restify = require('restify'),
plugins = require('restify-plugins'),
config = require('./config.js'),
personController = require('./routes/person-controller')
var server = restify.createServer({
name: config.name,
version: config.version,
})
server.use(plugins.jsonBodyParser({ mapParams: true }))
server.use(plugins.acceptParser(server.acceptable))
server.use(plugins.queryParser({ mapParams: true }))
server.pre(restify.CORS({
origins: [
'*'
],
headers: [
"authorization",
"withcredentials",
"x-requested-with",
"x-forwarded-for",
"x-real-ip",
"x-customheader",
"user-agent",
"keep-alive",
"host",
"accept",
"connection",
"upgrade",
"content-type",
"dnt",
"if-modified-since",
"cache-control",
"Accept-Encoding",
"Accept-Language",
"User-Agent",
"Accept",
"DNT",
"Connection",
"Upgrade-Insecure-Requests",
"Cache-Control",
"Pragma",
"Content-Length",
"Content-Type",
"Accept-Type"
],
methods: ["GET", "POST", "PUT"]
})
)
server.use(plugins.fullResponse())
server.get("/api/values", personController.readAll);
server.get("/api/values/:id", personController.readOne);
server.post("/api/values/", personController.createPerson);
server.put("/api/values/", personController.updatePerson);
server.del("/api/values/", personController.delPerson);
server.on('uncaughtException', (req, res, route, err) => {
log.error(err.stack)
res.send(err)
});
server.listen(config.port, function () {
})
我想以这种方式解决,但如果我不能,我可能不得不切换回Express。
新信息: 现在,当我使用我的firefox浏览器时,我可以使用完整的原油。我使用服务器来托管我的节点应用程序。服务器是使用nginx的ubuntu服务器发行版的vmware。但是,当我用jmeter发布完全相同的请求时,我无法访问完整的crud功能,只能得到。这是来自火狐的请求
Host: 192.168.131.128
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101
Firefox/52.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: sv-SE,sv;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Cache-Control: max-age=0, no-cache
Content-Type: application/json
Content-Length: 174
Pragma: no-cache
似乎请求的不同来源以某种方式触发服务器上的不同CORS设置。
答案 0 :(得分:0)
使用以下课程。
从'./path/to/CORS.js'导入CORS;
新CORS(服务器).enableCorsRoutes();
class CORS {
constructor(server) {
this.server = server;
}
enableCorsRoutes = () => {
this.setCorsCredentialHeaders();
this.getCorsRoutes().forEach((route) => {
this.server.opts(route, this.enableCors);
});
}
enableCors = (req, res) => {
const header = req.header('origin');
if (!this.isOriginAllowed(header)) {
return res.send(405);
}
res.setHeader('Access-Control-Allow-Origin', header);
res.setHeader('Access-Control-Allow-Headers', this.getAllowedHeaders().join(','));
res.setHeader('Access-Control-Allow-Methods', this.getAllowedMethods().join(','));
res.setHeader('Access-Control-Max-Age', this.getCacheTimeForPreflightRequest());
return res.send(200);
}
isOriginAllowed = (origin) => {
let result = false;
this.getAllowedOrigins().forEach((allowedOrigin) => {
if (origin.includes(allowedOrigin)) {
result = true;
}
});
return result;
}
getAllowedHeaders = () => ([
'cache-control',
'content-type',
'x-signature',
'x-test-mode',
'x-request-id',
])
getAllowedMethods = () => ([
'OPTIONS',
'GET',
'POST',
'PUT',
'DELETE',
'PATCH',
])
getAllowedOrigins = () => ([
'example.com',
'example.org'
])
getCorsRoutes = () => ([
'/\.*/',
])
getCacheTimeForPreflightRequest = () => {
return 864000; // ten days in seconds
}
setCorsCredentialHeaders = () => {
this.server.use((req, res, next) => {
res.once('header', () => {
let isCorsRoute = false;
this.getCorsRoutes().forEach((route) => {
if (new RegExp(route).test(req.url)) {
isCorsRoute = true;
}
});
if (isCorsRoute && req.header('origin')) {
res.setHeader('Access-Control-Allow-Origin', req.header('origin'));
res.setHeader('Access-Control-Allow-Credentials', true);
}
});
next();
});
}
}
export default CORS;