[翻译]  Angularjs / sailsjs :Access-Control-Allow-Origin is not allowed by Access-Control-Allow-Headers

[CHINESE]  Angularjs / sailsjs:Access-Control-Allow-Headers不允许使用Access-Control-Allow-Origin


I am struggling on an issue with cors between angular js and sails.js (node.js framework)

我在角度js和sails.js(node.js框架)之间的角色问题上苦苦挣扎

I try to fix the error: XMLHttpRequest cannot load http://localhost:1337/en/auth/forgetpass/email. Request header field Access-Control-Allow-Origin is not allowed by Access-Control-Allow-Headers.

我尝试修复错误:XMLHttpRequest无法加载http:// localhost:1337 / en / auth / forgetpass / email。请求标头字段Access-Control-Allow-Origin不允许Access-Control-Allow-Origin。

When I do not activate my interceptor it works well. I do not have this error. When I activate it, I have the error.

当我不激活我的拦截器时它运作良好。我没有这个错误。当我激活它时,我有错误。

In my .config I setup the code below:

在我的.config中,我设置了以下代码:

  //Enable cross domain calls
$httpProvider.defaults.useXDomain = true;
delete $httpProvider.defaults.headers.common['X-Requested-With'];

$httpProvider.defaults.headers.common['Access-Control-Allow-Headers'] = '*';
$httpProvider.defaults.headers.common['Access-Control-Allow-Origin'] = '*';
$httpProvider.defaults.headers.common['Access-Control-Allow-Methods'] = 'GET,POST,PUT,HEAD,DELETE,OPTIONS';

$httpProvider.interceptors.push('TokenInterceptor');

Then in my interceptor I setup the code below:

然后在我的拦截器中我设置下面的代码:

    return {
    request: function (config) {
      var id = Session.getprop('id');
      if(id) {
        config.headers = config.headers || {};
        config.headers.Authorization = 'Bearer ' + id;
      }
        return config;
    }, ...

Finally, the result from the chrome network tab is:

最后,chrome网络标签的结果是:

Remote Address:127.0.0.1:1337
Request URL:http://localhost:1337/en/auth/forgetpass/email
Request Method:OPTIONS
Status Code:200 OK

Response Headers
Access-Control-Allow-Credentials:true
Access-Control-Allow-Headers:*
Access-Control-Allow-Methods:GET, POST, PUT, DELETE, OPTIONS, HEAD
Access-Control-Allow-Origin:*
Allow:GET,POST,PUT,HEAD,DELETE,TRACE,COPY,LOCK,MKCOL,MOVE,PROPFIND,PROPPATCH,UNLOCK,REPORT,MKACTIVITY,CHECKOUT,MERGE,M-SEARCH,NOTIFY,SUBSCRIBE,UNSUBSCRIBE,PATCH
Connection:keep-alive
Content-Length:154
Content-Type:text/html; charset=utf-8
Date:Sun, 12 Apr 2015 23:51:14 GMT
Set-Cookie:sails.sid=s%3A-bZxQgFntbDqTtaFyWDFFgFr.szR0F68VfIBjVW9kyans9d6v5fz7RMtalQCoMFdbH%2Fg; Path=/;   HttpOnly
X-Powered-By:Sails <sailsjs.org>

Request Headers
Accept:*/*
Accept-Encoding:gzip, deflate, sdch
Accept-Language:en-US,en;q=0.8
Access-Control-Request-Headers:access-control-allow-origin, accept, access-control-allow-headers, access-control-allow-methods
Access-Control-Request-Method:POST
Connection:keep-alive
Host:localhost:1337
Origin:http://localhost:9000
Referer:http://localhost:9000/
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.118 Safari/537.36

And I still get the same error. An idea?

我仍然得到同样的错误。一个主意?

Many thanks!

非常感谢!

2 个解决方案

#1


9  

Ok I finally found the issue.

好的,我终于找到了这个问题。

I compared the response and request headers with interceptor and with it.

我将响应和请求标头与拦截器及其进行了比较。

I change my code as below and it works.

我改变我的代码如下,它的工作原理。

In app.js of angularjs

在angularjs的app.js中

I commented all the headers part.

我评论了所有标题部分。

   //Enable cross domain calls
  /*  $httpProvider.defaults.useXDomain = true;

//Remove the header used to identify ajax call  that would prevent CORS from working
delete $httpProvider.defaults.headers.common['X-Requested-With'];

$httpProvider.defaults.headers.common['Access-Control-Allow-Headers'] = 'origin, content-type, accept';
$httpProvider.defaults.headers.common['Access-Control-Allow-Origin'] = '*';
$httpProvider.defaults.headers.common['Access-Control-Allow-Methods'] = 'GET,POST,PUT,HEAD,DELETE,OPTIONS';*/

$httpProvider.interceptors.push('TokenInterceptor');

And in my sails.js cors setup config I commented methods and headers. And it works well.

在我的sails.js cors setup config中我评论了方法和标题。它运作良好。

    module.exports.cors = {

  /***************************************************************************
  *                                                                          *
  * Allow CORS on all routes by default? If not, you must enable CORS on a   *
  * per-route basis by either adding a "cors" configuration object to the    *
  * route config, or setting "cors:true" in the route config to use the      *
  * default settings below.                                                  *
  *                                                                          *
  ***************************************************************************/

   allRoutes: true,

  /***************************************************************************
  *                                                                          *
  * Which domains which are allowed CORS access? This can be a               *
  * comma-delimited list of hosts (beginning with http:// or https://) or    *
  * "*" to allow all domains CORS access.                                    *
  *                                                                          *
  ***************************************************************************/

   origin: '*',

  /***************************************************************************
  *                                                                          *
  * Allow cookies to be shared for CORS requests?                            *
  *                                                                          *
  ***************************************************************************/

   credentials: true

  /***************************************************************************
  *                                                                          *
  * Which methods should be allowed for CORS requests? This is only used in  *
  * response to preflight requests (see article linked above for more info)  *
  *                                                                          *
  ***************************************************************************/

  // methods: 'GET, POST, PUT, DELETE, OPTIONS, HEAD',

  /***************************************************************************
  *                                                                          *
  * Which headers should be allowed for CORS requests? This is only used in  *
  * response to preflight requests.                                          *
  *                                                                          *
  ***************************************************************************/

  // headers: 'origin, content-type, accept'

};

#2


0  

Have you tried setting the origin and methods in /config/cors.js ?

您是否尝试在/config/cors.js中设置原点和方法?

and also you can find more information on this page Sails.Config.CORS

您还可以在此页面上找到更多信息Sails.Config.CORS


注意!

本站转载的文章为个人学习借鉴使用,本站对版权不负任何法律责任。如果侵犯了您的隐私权益,请联系我们删除。



猜您在找
Request header field Access-Control-Allow-Origin is not allowed by Access-Control-Allow-Headers in preflight response Angularjs Request header field Access-Control-Allow-Headers is not allowed by Access-Control-Allow-Headers in preflight response Origin is not allowed by Access-Control-Allow-Origin Request header field Access-Control-Allow-Headers is not allowed by Access-Control-Allow-Headers Request header field Access-Control-Allow-Headers is not allowed by Access-Control-Allow-Headers in preflight response Request header field Access-Control-Allow-Headers is not allowed by Access-Control-Allow-Headers RESTful webservice : how to set headers in java to accept XMLHttpRequest allowed by Access-Control-Allow-Origin XMLHttpRequest cannot load Origin is not allowed by Access-Control-Allow-Origin
相关教程
【No46】Java菜鸟到大牛学习路线之高级篇 【No44】Java菜鸟到大牛学习路线培训教程 【No254】冲击年薪50万之机器学习到深度学习学习路线教程 【No117】机器学习人工智能数学应用基础视频学习路线 【No45】Java菜鸟到大牛学习路线之实战篇 【No131】大数据学习从入门到精通学习路线视频教程 100G 【No171】冲击年薪50万之从数学基础python机器学习到深度学习算法学习路线视频教程 共321G 【No253】年薪50万!从python基础到人工智能机器学习深度学习攀登之路学习路线视频教程下载 总共300G
赞助商广告
 
© 2014-2018 ITdaan.com 粤ICP备14056181号