XMLHttpRequest无法在后端使用angular $ resource前端或python / cgi脚本加载http:// host1:5000 / path

时间:2017-07-24 17:58:59

标签: python angularjs xmlhttprequest cors cgi

XMLHttpRequest无法加载http://host1:5000/endpoint。对预检请求的响应未通过访问控制检查:请求的资源上不存在“Access-Control-Allow-Origin”标头。因此,不允许原点“http://originhost:3000”访问。

如何使用前端或服务器端的anguarjs解决此问题(Python CGI脚本)。我无权使用浏览器,crome或安全性进行任何更改,甚至无法通过请求进行更改。

Angular Code前端:

function scheduleReportServiceFactory($resource){
		var schedule_report_url = 'http://host1/endpoint:bucket';
		var auth = btoa("xyz:xyz");
		var headers = {
			"Authorization" : "Basic " + auth,
              'Content-Type': 'application/json',
              'Access-Control-Allow-Origin': 'http://originhost:3000'
		};
		return {
			schedule_report : $resource(schedule_report_url, {}, {
				query : {
					method : 'GET',
					params : {
						bucket : '@bucket'
					},
					headers: headers,
					cache : true,
				}
			})
		};
	
	}
Python代码后端:
import .....


class Dispatcher(object):

    def not_found(self, environ, start_response):
        start_response('404 Not Found', [('Content-Type', 'application/octet-stream')])
        return []

    def __init__(self, mounts=None):
        self.mounts = mounts or {}

    def __call__(self, environ, start_response):
        script = environ.get('PATH_INFO', '')
        while '/' in script:
            if script in self.mounts:
                app = self.mounts[script]
                break
            script, last_item = script.rsplit('/', 1)
        else:
            app = self.mounts.get(script, self.not_found)
        return app(environ, start_response)

print >> sys.stderr, "app.cgi: server starting", os.environ.get('PATH_INFO')
for k in os.environ:
   print >>sys.stderr, k, os.environ[k]

app = Dispatcher({
   '/xyz/report/v1': report_app(),
   '/xyz/replication/v1': dr_app(),
})
if __name__ == '__main__':
    os.environ['DEBUG'] = '1'
    from werkzeug.serving import run_simple
    run_simple('0.0.0.0', 5000, app, use_debugger=True, use_reloader=True)
else:
    CGIHandler().run(app)

了解更多信息:

-sh-4.2$ curl -u xyz -H "Origin originhost:3000" --verbose   localhost:5000/endpoint/xyz
Enter host password for user 'xyz':
* About to connect() to localhost port 5000 (#0)
*   Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 5000 (#0)
* Server auth using Basic with user 'xyz'
> GET /endpoint/xyz HTTP/1.1
> Authorization: Basic emt5ajM0aTowNjZCZXg0MjU=
> User-Agent: curl/7.29.0
> Host: localhost:5000
> Accept: */*
> Origin originhost:3000
>
* HTTP 1.0, assume close after body
< HTTP/1.0 401 UNAUTHORIZED
< Content-Type: application/octet-stream
* Authentication problem. Ignoring this.
< WWW-Authenticate: Basic
< Content-Length: 0
< Server: Werkzeug/0.12.2 Python/2.7.5
< Date: Mon, 24 Jul 2017 18:22:26 GMT
<
* Closing connection 0


-sh-4.2$ curl -u xyz -H "Origin originhost:3000"   -H "Access-Control-Request-Method: GET"   -H "Access-Control-Request-Headers: X-Requested-With"   -X OPTIONS --verbose   localhost:5000/endpiont/xyz
Enter host password for user 'xyz':
* About to connect() to localhost port 5000 (#0)
*   Trying 127.0.0.1...
* Connected to localhost (127.0.0.1) port 5000 (#0)
* Server auth using Basic with user 'xyz'
> OPTIONS endpoint/xyz HTTP/1.1
> Authorization: Basic emt5ajM0afhtTowNjZCZXg0Mg==
> User-Agent: curl/7.29.0
> Host: localhost:5000
> Accept: */*
> Origin originhost:3000
> Access-Control-Request-Method: GET
> Access-Control-Request-Headers: X-Requested-With
>
* HTTP 1.0, assume close after body
< HTTP/1.0 200 OK
< Content-Type: text/html; charset=utf-8
< Allow: HEAD, GET, POST, OPTIONS, DELETE
< Content-Length: 0
< Server: Werkzeug/0.12.2 Python/2.7.5
< Date: Mon, 24 Jul 2017 18:24:53 GMT
<
* Closing connection 0

1 个答案:

答案 0 :(得分:0)

我认为你的问题不是在前端,而是在服务器端......问题是CORS问题..你需要允许服务器后端从你的前端获得请求......

我不知道如何在Python中使用它,但基本上它可以在所有语言中使用