No 'Access-Control-Allow-Origin' - Node / Apache Port Issue

后端 未结 13 1685
有刺的猬
有刺的猬 2020-11-22 02:27

i\'ve created a small API using Node/Express and trying to pull data using Angularjs but as my html page is running under apache on localhost:8888 and node API is listen on

相关标签:
13条回答
  • 2020-11-22 03:07

    The top answer worked fine for me, except that I needed to whitelist more than one domain.

    Also, top answer suffers from the fact that OPTIONS request isn't handled by middleware and you don't get it automatically.

    I store whitelisted domains as allowed_origins in Express configuration and put the correct domain according to origin header since Access-Control-Allow-Origin doesn't allow specifying more than one domain.

    Here's what I ended up with:

    var _ = require('underscore');
    
    function allowCrossDomain(req, res, next) {
      res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS');
    
      var origin = req.headers.origin;
      if (_.contains(app.get('allowed_origins'), origin)) {
        res.setHeader('Access-Control-Allow-Origin', origin);
      }
    
      if (req.method === 'OPTIONS') {
        res.send(200);
      } else {
        next();
      }
    }
    
    app.configure(function () {
      app.use(express.logger());
      app.use(express.bodyParser());
      app.use(allowCrossDomain);
    });
    
    0 讨论(0)
  • 2020-11-22 03:11

    Add following code in app.js of NODEJ Restful api to avoid "Access-Control-Allow-Origin" error in angular 6 or any other framework

    var express = require('express');
    var app = express();
    
    var cors = require('cors');
    var bodyParser = require('body-parser');
    
    //enables cors
    app.use(cors({
      'allowedHeaders': ['sessionId', 'Content-Type'],
      'exposedHeaders': ['sessionId'],
      'origin': '*',
      'methods': 'GET,HEAD,PUT,PATCH,POST,DELETE',
      'preflightContinue': false
    }));
    
    0 讨论(0)
  • 2020-11-22 03:12

    You can use "$http.jsonp"

    OR

    Below is the work around for chrome for local testing

    You need to open your chrome with following command. (Press window+R)

    Chrome.exe --allow-file-access-from-files
    

    Note : Your chrome must not be open. When you run this command chrome will open automatically.

    If you are entering this command in command prompt then select your chrome installation directory then use this command.

    Below script code for open chrome in MAC with "--allow-file-access-from-files"

    set chromePath to POSIX path of "/Applications/Google Chrome.app/Contents/MacOS/Google Chrome" 
    set switch to " --allow-file-access-from-files"
    do shell script (quoted form of chromePath) & switch & " > /dev/null 2>&1 &"
    

    second options

    You can just use open(1) to add the flags: open -a 'Google Chrome' --args --allow-file-access-from-files

    0 讨论(0)
  • 2020-11-22 03:12

    /**
     * Allow cross origin to access our /public directory from any site.
     * Make sure this header option is defined before defining of static path to /public directory
     */
    expressApp.use('/public',function(req, res, next) {
        res.setHeader("Access-Control-Allow-Origin", "*");
        // Request headers you wish to allow
        res.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
        // Set to true if you need the website to include cookies in the requests sent
        res.setHeader('Access-Control-Allow-Credentials', true);
        // Pass to next layer of middleware
        next();
    });
    
    
    /**
     * Server is about set up. Now track for css/js/images request from the 
     * browser directly. Send static resources from "./public" directory. 
     */
    expressApp.use('/public', express.static(path.join(__dirname, 'public')));
    If you want to set Access-Control-Allow-Origin to a specific static directory you can set the following.

    0 讨论(0)
  • 2020-11-22 03:16

    Hi this happens when the front end and backend is running on different ports. The browser blocks the responses from the backend due to the absence on CORS headers. The solution is to make add the CORS headers in the backend request. The easiest way is to use cors npm package.

    var express = require('express')
    var cors = require('cors')
    var app = express()
    app.use(cors())
    

    This will enable CORS headers in all your request. For more information you can refer to cors documentation

    https://www.npmjs.com/package/cors

    0 讨论(0)
  • 2020-11-22 03:19

    Another way, is simply add the headers to your route:

    router.get('/', function(req, res) {
        res.setHeader('Access-Control-Allow-Origin', '*');
        res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE'); // If needed
        res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,content-type'); // If needed
        res.setHeader('Access-Control-Allow-Credentials', true); // If needed
    
        res.send('cors problem fixed:)');
    });
    
    0 讨论(0)
提交回复
热议问题