我从一个域/服务器的前端进行了ajax调用(将称为此PublicDomain),并将其发布到另一台服务器上的Node / Express JS应用程序(将称为此NodeDomain)。在PublicDomain上安装SSL之前,所有这些工作都非常完美。因此,我为NodeDomain分配了一个FQDN并在该域上也放置了SSL,以避免混合内容错误。 NodeDomain侦听端口3000,该端口显然未被SSL覆盖(仅覆盖端口443)。我尝试将请求从NodeDomain的前端页面(端口443)重定向到端口3000。获取CORS违规错误。我尝试使用CORS节点包,但仍然收到错误。我尝试在两个站点上设置标头(“ Access-Control-Allow-Origin”,“ *”)。仍然得到错误。即使我可以让CORS接受跨源共享,但是如果浏览器可以看到301重定向(我发现它确实在开发人员控制台中识别出了这种情况),恐怕仍然会遇到混合内容问题。那么...是否有更好的方法将数据从一台服务器的公共前端获取到另一台服务器的节点应用程序(并返回响应)?如果没有更好的方法,也许我的代码有问题,我将在下面粘贴我的server.js文件。只是Ajax在其下面的公共服务器中起作用。通过删除较大的功能(设置器),我使操作变得更简单。
const express = require('express');
const cors = require('cors');
const ethers = require('ethers');
const dotenv = require('dotenv');
const https = require('https');
dotenv.config();
const port = 3000;
// the code below did not help:
// app.use(function (req, res, next) {
// res.header("Access-Control-Allow-Origin", "*");
// res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
// next();
// });
// also tried putting the following in the response, but did not fix the issue:
// res.send(req.setRequestHeader('Access-Control-Allow-Headers',' *'));
const app = express();
// this also does not help:
app.use(cors());
app.use(express.urlencoded({
extended: true
}));
app.use(express.json());
listenToPort();
app.post('/save', cors(), function(req, res) {
// the following line does not help:
res.header("Access-Control-Allow-Origin", "*");
console.log("remote connected to port " + port);
if (req.body.action && req.body.action == "getLoad") {
if (req.body.loadIndex) {
var loadIndex = req.body.loadIndex;
} else {
var loadIndex = 999;
}
let now = Date().toString();
const infura = `https://ropsten.infura.io/v3/${process.env.INFURA_API_KEY}`;
var abi = process.env.ABI;
const contractAddress = process.env.CONTRACT_ADDRESS; //Contract Address
let provider = new ethers.providers.InfuraProvider('ropsten', process.env.INFURA_API_KEY);
let contract = new ethers.Contract(contractAddress, JSON.parse(abi), provider);
contract.loads(loadIndex).then((loadInfo) => {
res.send(loadInfo);
});
}
});
function listenToPort() {
// before SSL certificate:
// app.listen(port, () => console.log('App listening on port :' + port));
// I tried using openSSL. Pointless to try to connect directly to port 3000 since it's self-signed returns a certificate error, but seemed to temporarily get rid of the mixed content error when connecting to 443 & redirecting from port 443 to port 3000:
https.createServer({
key: fs.readFileSync('./key.pem'),
cert: fs.readFileSync('./cert.pem'),
passphrase: '*********'
}, app)
.listen(port, function() {
console.log('App listening on port :' + port);
});
}
PublicServer的Ajax函数以防万一:
jQ.ajax({
method: "POST",
url: "https://nodeserver.io/save",
data: {loadIndex, action: "getLoad"},
success: function (response) {
spinner(0, "done");
jQ("#bcRow"+row).html('<div class="col loadID">'+parseInt(response[0]._hex)+'</div><div class="col time">'+response[3]+'</div><div class="col lat">'+response[1]+'</div><div class="col lon">'+response[2]+'</div><div class="col verify"></div>');
},
error: function (error) {
spinner(0, "done");
jQ("#summary").prepend('<span class="errorSummary">There was an error: ' + JSON.stringify(error) + '</span><br>');
}
})