在Heroku上部署Node.js应用时出现403错误

时间:2019-12-02 23:16:26

标签: javascript node.js angular express heroku

以前,尝试使用Heroku打开Node.js应用时,我从Chrome控制台收到以下错误:

Refused to load the image 'https://browser-rpg-app.herokuapp.com/favicon.ico' because it violates the following Content Security Policy directive: "default-src 'none'". Note that 'img-src' was not explicitly set, so 'default-src' is used as a fallback.

这是403伴随的。我设法通过添加以下行来修复它:

<meta http-equiv="Content-Security-Policy" content="default-src 'self' https://ajax.googleapis.com/ajax/libs/angularjs/1.6.9/angular.min.js 'unsafe-inline'">

现在第一个错误消失了,但是我仍然遇到403。我可以在heroku local web上完美运行该应用程序,但是在我实际部署时却不能。日志内容如下:

2019-12-02T22:41:29.000000+00:00 app[api]: Build succeeded
2019-12-02T22:41:32.617542+00:00 heroku[web.1]: Starting process with command `node app.js`
2019-12-02T22:41:36.786903+00:00 heroku[web.1]: State changed from starting to up
2019-12-02T22:42:00.484013+00:00 app[web.1]: ForbiddenError: Forbidden
2019-12-02T22:42:00.484062+00:00 app[web.1]: at SendStream.error (/app/node_modules/send/index.js:270:31)
2019-12-02T22:42:00.484066+00:00 app[web.1]: at SendStream.pipe (/app/node_modules/send/index.js:553:12)
2019-12-02T22:42:00.484068+00:00 app[web.1]: at sendfile (/app/node_modules/express/lib/response.js:1103:8)
2019-12-02T22:42:00.484071+00:00 app[web.1]: at ServerResponse.sendFile (/app/node_modules/express/lib/response.js:433:3)
2019-12-02T22:42:00.484074+00:00 app[web.1]: at index (/app/routes/index.js:9:9)
2019-12-02T22:42:00.484077+00:00 app[web.1]: at Layer.handle [as handle_request] (/app/node_modules/express/lib/router/layer.js:95:5)
2019-12-02T22:42:00.484079+00:00 app[web.1]: at next (/app/node_modules/express/lib/router/route.js:137:13)
2019-12-02T22:42:00.484081+00:00 app[web.1]: at Route.dispatch (/app/node_modules/express/lib/router/route.js:112:3)
2019-12-02T22:42:00.484083+00:00 app[web.1]: at Layer.handle [as handle_request] (/app/node_modules/express/lib/router/layer.js:95:5)
2019-12-02T22:42:00.484085+00:00 app[web.1]: at /app/node_modules/express/lib/router/index.js:281:22
2019-12-02T22:42:00.482239+00:00 heroku[router]: at=info method=GET path="/" host=browser-rpg-app.herokuapp.com request_id=845c8d30-4ca7-44f4-ab69-ae312e722b1b fwd="68.174.27.246" dyno=web.1 connect=1ms service=21ms status=403 bytes=380 protocol=https

如您所见,没有任何有用的消息或说明,只是说禁止。我真的不知道问题可能出在哪里,但是这里有很多重要/相关的文件:

app.js:

const express = require("express");

const configRoutes = require("./routes");
const static = express.static(__dirname + '/public');
const app = express();

app.use("/public", static);

var bodyParser = require('body-parser');
app.use(bodyParser.json());
app.use(bodyParser.urlencoded({ extended: true }));

const cookieParser = require("cookie-parser");
app.use(cookieParser());

configRoutes(app);


app.listen(process.env.PORT || 3000, () => {
    console.log("The application is running on http://localhost:3000");

    if (process && process.send) process.send({done: true});
});

package.json:

{
  "name": "browserrpg",
  "version": "1.0.0",
  "description": "",
  "main": "app.js",
  "engines": {
    "node": "10.16.3"
  },
  "dependencies": {
    "angular": "^1.7.2",
    "angular-route": "^1.7.2",
    "body-parser": "^1.18.3",
    "cookie-parser": "^1.4.3",
    "express": "^4.16.3",
    "mongodb": "^3.1.1",
    "npm": "^6.2.0",
    "uuid": "^3.3.2"
  },
  "devDependencies": {},
  "scripts": {
    "test": "echo \"Error: no test specified\" && exit 1",
    "start": "node app.js"
  },
  "repository": {
    "type": "git",
    "url": (git url here, removed for privacy)
  },
  "author": "",
  "license": "ISC",
}

Procfile:

web: node app.js

在相关的情况下,这是Heroku调用的“ /”路由:

const index = (req, res) => {
    res.sendFile(path.join(__dirname, "..\\public\\html", "index.html"));
    return;
}

这是设置所有路由的构造函数:

const constructorMethod = app => {
    app.get("/", index);
    app.get("/game", gameGet);
    app.post("/game", gamePost);

    app.use("*", (req, res) => {
        res.status(404).json({ error: "Not found" });
    });
  };

这也是我的文件结构:

BrowserRPG
│   README.md
│   Procfile
|   app.js
|   mongoCollections.js
|   mongoConnection.js
|   package.json
|   settings.json
│
└───data
    │   enemydata.js
    │   gamecalc.js
    |   gamedata.js
    |   index.js
    │
│   
└───public
    │   
    └───css
        |   main.css
    |
    └───html
        |   game.html
        |   index.html
    |
    └───js
        |   angular.js
        |   angularActiveGame.js
|
└───routes
    |   index.js

我还在使用mongodb数据库,但考虑到我什至还没有尝试将其连接到Heroku,并且您不需要运行数据库,因此我认为这不是问题的根源转到应用程序的第一页。这里是否有可能引起错误的东西?谢谢。

1 个答案:

答案 0 :(得分:0)

所以我终于弄清楚了,解决方案实际上很烦人。在我的“ /” GET路径中,该路径包含一个..,该路径被认为是恶意的,因此被拒绝。我将其更改为:

res.sendFile(path.join(appRoot, "public/html", "index.html"));

appRoot是一个全局变量,它指向应用程序的根目录。希望这对可能遇到类似问题的人有所帮助。

相关问题
最新问题