发表新帖
发表新帖

No 'Access-Control-Allow-Origin' - Node / Apache Port Issue

后端 未结
关注
13 1670
有刺的猬
有刺的猬 2020-11-22 02:27

i\'ve created a small API using Node/Express and trying to pull data using Angularjs but as my html page is running under apache on localhost:8888 and node API is listen on

相关标签:
13条回答
  • 太阳男子
    2020-11-22 03:19

    This worked for me.

    app.get('/', function (req, res) {

    res.header("Access-Control-Allow-Origin", "*");
    res.send('hello world')
})

    You can change * to fit your needs. Hope this can help.

    0 讨论(0)
  • 礼貌的吻别
    2020-11-22 03:21

    Try adding the following middleware to your NodeJS/Express app (I have added some comments for your convenience):

    // Add headers
app.use(function (req, res, next) {

    // Website you wish to allow to connect
    res.setHeader('Access-Control-Allow-Origin', 'http://localhost:8888');

    // Request methods you wish to allow
    res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE');

    // Request headers you wish to allow
    res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,content-type');

    // Set to true if you need the website to include cookies in the requests sent
    // to the API (e.g. in case you use sessions)
    res.setHeader('Access-Control-Allow-Credentials', true);

    // Pass to next layer of middleware
    next();
});

    Hope that helps!

    0 讨论(0)
  • 粉色の甜心
    2020-11-22 03:24 
    app.all('*', function(req, res,next) {
    /**
     * Response settings
     * @type {Object}
     */
    var responseSettings = {
        "AccessControlAllowOrigin": req.headers.origin,
        "AccessControlAllowHeaders": "Content-Type,X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5,  Date, X-Api-Version, X-File-Name",
        "AccessControlAllowMethods": "POST, GET, PUT, DELETE, OPTIONS",
        "AccessControlAllowCredentials": true
    };

    /**
     * Headers
     */
    res.header("Access-Control-Allow-Credentials", responseSettings.AccessControlAllowCredentials);
    res.header("Access-Control-Allow-Origin",  responseSettings.AccessControlAllowOrigin);
    res.header("Access-Control-Allow-Headers", (req.headers['access-control-request-headers']) ? req.headers['access-control-request-headers'] : "x-requested-with");
    res.header("Access-Control-Allow-Methods", (req.headers['access-control-request-method']) ? req.headers['access-control-request-method'] : responseSettings.AccessControlAllowMethods);

    if ('OPTIONS' == req.method) {
        res.send(200);
    }
    else {
        next();
    }


});
    0 讨论(0)
  • 名媛妹妹
    2020-11-22 03:28

    The answer code allow only to localhost:8888. This code can't be deployed to the production, or different server and port name.

    To get it working for all sources, use this instead:

    // Add headers
app.use(function (req, res, next) {

    // Website you wish to allow to connect
    res.setHeader('Access-Control-Allow-Origin', '*');

    // Request methods you wish to allow
    res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE');

    // Request headers you wish to allow
    res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,content-type');

    // Set to true if you need the website to include cookies in the requests sent
    // to the API (e.g. in case you use sessions)
    res.setHeader('Access-Control-Allow-Credentials', true);

    // Pass to next layer of middleware
    next();
});
    0 讨论(0)
  • 心在旅途
    2020-11-22 03:32

    Install cors dependency in your project: 

    npm i --save cors

    Add to your server configuration file the following:

    var cors = require('cors');
app.use(cors());

    It works for me with 2.8.4 cors version.

    0 讨论(0)
  • 伪装坚强ぢ
    2020-11-22 03:32

    Apart from all listed answers, I had the same error

    I have both access to frontend and backend, I already added cors module app.use(cors()); Still, I was struggling with this error.

    After some debugging, I found the issue. When I upload a media which size was more than 1 MB then the error was thrown by Nginx server

    <html>

<head>
    <title>413 Request Entity Too Large</title>
</head>

<body>
    <center>
        <h1>413 Request Entity Too Large</h1>
    </center>
    <hr>
    <center>nginx/1.18.0</center>
</body>

</html>

    But in the console of frontend, I found the error

    Access to XMLHttpRequest at 'https://api.yourbackend.com' from origin 'https://web.yourfromntend.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.

    So It makes confusion here. But the route cause of this error was from nginx configuration. It's just because the directive client_max_body_size value has been set to 0 by default. It determines what the allowable HTTP request size can be is client_max_body_size. This directive may already be defined in your nginx.conf file located at /etc/nginx/nginx.conf Now you need to add/edit the value of the directive client_max_body_size either at http or server.

    server {
    client_max_body_size 100M;
    ...
}

    Once you have set your desired value, save your changes and reload Nginx: service nginx reload

    After these changes, It's working well

    REFERENCE: https://www.keycdn.com/support/413-request-entity-too-large#:~:text=%23,processed%20by%20the%20web%20server.&text=An%20example%20request%2C%20that%20may,e.g.%20a%20large%20media%20file).

    0 讨论(0)
 看不清?
提交回复
热议问题