获取方法工作,但不发布 - ZapWorks Studio

时间:2018-06-15 14:26:40

标签: javascript android ajax cors couchdb

我使用zapworks studio开发AR体验。它使用Z.ajax进行ajax调用。我发出GET请求和POST请求。我还使用smileupps来托管couchdb(他们有免费托管)。这是CORS配置:

  

凭据:false;标题:接受,授权,内容类型,来源;   方法:GET,POST,PUT,DELETE,OPTIONS,HEAD;起源:*

在Windows上启动ZapWorks Studio时,一切正常。但是,当用Android设备扫描zapcode时,post ajax调用失败。只有帖子。我正在使用basic authentication。我强制说只有管理员可以在couchdb上管理数据库。我可以通过网络浏览器从桌面和手机访问主机,手动完成所有操作。

我尽我所能来解决问题:删除身份验证,更改CORS配置......无效。我认为这是CORS的一个问题,但是一切正常,在Windows和移动设备上只是POST失败了...我的状态代码为0。

编辑 - 新信息,apitester上的测试也适用于桌面和移动设备。

编辑 - Here's the zpp以显示逻辑

编辑 - 在我的手机上尝试使用REST Api Client,它也可以正常使用。这只能是一个CORS问题或zapworks的问题。很奇怪,它适用于Windows,但不适用于手机。

编辑 - 我发现了问题所在,但没有找到解决方法。所以我设置了一个代理来调试this tutorial之后zapworks studio发出的请求。似乎它做了preflight request但得到了回复

  

" HTTP / 1.1 405方法不允许"

即使有效载荷是

  

{"错误":" method_not_allowed","原因":"仅删除,获取,头,POST   允许"}

以下是请求:

OPTIONS /ranking HTTP/1.1
Host: somehost.com
Connection: keep-alive
Access-Control-Request-Method: POST
Origin: null
User-Agent: Mozilla/5.0 (Linux; Android 8.0.0; SM-G950U1 Build/R16NW; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/67.0.3396.87 Mobile Safari/537.36
Access-Control-Request-Headers: authorization,content-type,x-requested-with
Accept: */*
Accept-Encoding: gzip, deflate
Accept-Language: en-US
X-Requested-With: com.zappar.Zappar

和回复:

HTTP/1.1 405 Method Not Allowed
Server: CouchDB/1.6.0 (Erlang OTP/R15B01)
Date: Mon, 18 Jun 2018 21:22:12 GMT
Content-Type: text/plain; charset=utf-8
Content-Length: 76
Cache-Control: must-revalidate
Allow: DELETE,GET,HEAD,POST
Access-Control-Expose-Headers: Cache-Control, Content-Type, Server
Access-Control-Allow-Origin: null
Connection: keep-alive

{"error":"method_not_allowed","reason":"Only DELETE,GET,HEAD,POST allowed"}

清楚地表明允许POST ...

在Windows方面,由于某种原因,似乎没有预检请求,我的猜测是它的工作原理。现在问题是如何在couchdb上配置CORS以在android上工作。这些是可用的配置:

enable_cors: true
credentials: false
headers:Accept, Authorization, Content-Type, Origin
methods:GET,POST,PUT,DELETE,OPTIONS,HEAD
origins:*

这是代码:

const Open_SansRegular_ttf0 = symbol.nodes.Open_SansRegular_ttf0;

parent.on("ready", () => {
    const Plane0 = symbol.nodes.Plane0;

    let ajaxParameters : Z.Ajax.Parameters = {
        url: "https://something.smileupps.com/test/_all_docs?include_docs=true",
        headers: {"Authorization": "Basic my64encoding"},
        method: "GET",
        timeout: 3000
    };

    // Perform the AJAX request
    Z.ajax(ajaxParameters, (statusCode, data, request) => {checkRequest(statusCode, data);});

    ajaxParameters = {
        url: "https://something.smileupps.com/test",
        headers: {"Content-Type":"application/json", "Authorization": "Basic my64encoding"},
        method: "POST",
        body: '{"name" : "asdasd", "something": 234}',
        timeout: 3000
    };

    Z.ajax(ajaxParameters, (statusCode, data, request) => {checkRequest(statusCode, data);});


});

function checkRequest(statusCode, data) {
    if (statusCode === 0) {
        Open_SansRegular_ttf0.text("Unable to connect - check network connection.");
        console.log("Unable to connect - check network connection.");
        return;
    }

    if (statusCode < 200 || statusCode >= 300) {
        Open_SansRegular_ttf0.text("HTTP request failed: " + statusCode);
        console.log("HTTP request failed: " + statusCode);
        return;
    }

    // Attempt to parse the data returned from the AJAX request as JSON
    let parsedData;
    try {
        // https://developer.mozilla.org/en/docs/Web/JavaScript/Reference/Global_Objects/JSON/parse
        parsedData = JSON.parse(data);
    } catch (e) {
        Open_SansRegular_ttf0.text("Unable to parse JSON: " + e);
        console.log("Unable to parse JSON: " + e);
        return;
    }

    return parsedData;
}

EDIT 这是Windows上的请求

Accept:*/*
Accept-Encoding:gzip, deflate
Accept-Language:en-US
Authorization:Basic mybase64encoding
Connection:keep-alive
Content-Length:37
Content-Type:application/json
Host:http://something.smileupps.com/test
Origin:file://
User-Agent:Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) ZapWorksStudio/4.0.4-stable Chrome/58.0.3029.110 Electron/1.7.9 Safari/537.36
X-DevTools-Request-Id:3680.9
X-Requested-With:XMLHttpRequest

和回复:

Access-Control-Allow-Origin:file://
Access-Control-Expose-Headers:Cache-Control, Content-Type, ETag, Server
Cache-Control:must-revalidate
Content-Length:95
Content-Type:text/plain; charset=utf-8
Date:Mon, 18 Jun 2018 21:36:22 GMT
ETag:"1-512f89feb3d0a88781119e772ec6fd7b"
Location:http://something.smileupps.com/test
Server:CouchDB/1.6.0 (Erlang OTP/R15B01)

没有预检。

1 个答案:

答案 0 :(得分:0)

您的问题出在请求中:Origin: null通常是使用file:而不是http或{{1}打开包含xhr请求的网页时得到的结果} 协议。这样的来源将不会成功发送任何CORS请求。