从我的localhost提交帖子请求时收到以下错误 -
XMLHttpRequest cannot load http://sample-env.elasticbeanstalk.com/resource
Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
Origin 'http://localhost:8080' is therefore not allowed access
但是,在我的S3实例的CORS配置编辑器中,我有以下内容 -
<?xml version="1.0" encoding="UTF-8"?>
<CORSConfiguration xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
<CORSRule>
<AllowedOrigin>*</AllowedOrigin>
<AllowedOrigin>http://*</AllowedOrigin>
<AllowedOrigin>https://*</AllowedOrigin>
<AllowedMethod>GET</AllowedMethod>
<AllowedMethod>POST</AllowedMethod>
<MaxAgeSeconds>3000</MaxAgeSeconds>
<AllowedHeader>*</AllowedHeader>
</CORSRule>
我玩过这三行,但我仍无法诊断问题。
<AllowedOrigin>*</AllowedOrigin>
<AllowedOrigin>http://*</AllowedOrigin>
<AllowedOrigin>https://*</AllowedOrigin>
我的开发人员控制台显示以下标题,这让我觉得这个CORS配置甚至没有被读取 -
HTTP/1.1 200 OK
Date: Fri, 21 Apr 2017 02:48:01 GMT
Server: Apache-Coyote/1.1
Allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS
Content-Length: 0
Keep-Alive: timeout=60, max=98
Connection: Keep-Alive
Content-Type: text/plain
有没有人看到我的配置有问题或是否还有其他必须添加的内容?我能够将tomS过滤器添加到我的tomcat的web.xml中,一切正常,所以我认为我正在配置我的弹性beanstalk错误。
修改
添加了以下.config文件(以前称为.yaml)
add_cors.config.config
files:
"/etc/httpd/conf.d/cors.conf" :
mode: "000644"
owner: root
group: root
content: |
<Location "/">
Header set Access-Control-Allow-Origin: *
Header set Access-Control-Allow-Methods: "POST, GET, PUT, DELETE, OPTIONS"
Header add Access-Control-Allow-Headers: "Authorization, Content-Type, Accept"
Header set Access-Control-Allow-Credentials: true
SetOutputFilter DEFLATE
</Location>
它正处于爆炸性战争中的这个位置 -
.
├── app.war
├── .ebextensions
│ ├── add_cors.config.yaml
├── META-INF
│ ├── …
└── WEB-INF
├── classes
│ └── …
├── servlet.xml
├── lib
│ ├── …
└── web.xml
我重新部署了战争,但我仍然遇到同样的错误 - “没有'Access-Control-Allow-Origin'标题出现”
解
不需要.ebextensions文件。我只需要像在tomcat的conf / web.xml中一样将CORS过滤器添加到web.xml
<!-- ================== CORS FILTERS ===================== -->
<filter>
<filter-name>CorsFilter</filter-name>
<filter-class>org.apache.catalina.filters.CorsFilter</filter-class>
<init-param>
<param-name>cors.allowed.origins</param-name>
<param-value>*</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.methods</param-name>
<param-value>GET,POST,HEAD,OPTIONS</param-value>
</init-param>
<init-param>
<param-name>cors.allowed.headers</param-name>
<param-value>Content-Type,X-Requested-With,accept,Origin,Access-Control-Request-Method,Access-Control-Request-Headers</param-value>
</init-param>
<init-param>
<param-name>cors.exposed.headers</param-name>
<param-value>Access-Control-Allow-Origin,Access-Control-Allow-Credentials</param-value>
</init-param>
<init-param>
<param-name>cors.support.credentials</param-name>
<param-value>true</param-value>
</init-param>
<init-param>
<param-name>cors.preflight.maxage</param-name>
<param-value>10</param-value>
</init-param>
</filter>
<filter-mapping>
<filter-name>CorsFilter</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
答案 0 :(得分:1)
我对AWS EB知之甚少,但假设在tomcat前面有一个apache反向代理,看起来你可以使用ebextensions并在那里添加CORS头信息。见:
https://forums.aws.amazon.com/message.jspa?messageID=570570
和
http://docs.aws.amazon.com/elasticbeanstalk/latest/dg/customize-containers.html