No 'Access-Control-Allow-Origin' - Node / Apache Port Issue

后端 未结 13 1687
有刺的猬
有刺的猬 2020-11-22 02:27

i\'ve created a small API using Node/Express and trying to pull data using Angularjs but as my html page is running under apache on localhost:8888 and node API is listen on

相关标签:
13条回答
  • 2020-11-22 03:19

    This worked for me.

    app.get('/', function (req, res) {
    
        res.header("Access-Control-Allow-Origin", "*");
        res.send('hello world')
    })
    

    You can change * to fit your needs. Hope this can help.

    0 讨论(0)
  • 2020-11-22 03:21

    Try adding the following middleware to your NodeJS/Express app (I have added some comments for your convenience):

    // Add headers
    app.use(function (req, res, next) {
    
        // Website you wish to allow to connect
        res.setHeader('Access-Control-Allow-Origin', 'http://localhost:8888');
    
        // Request methods you wish to allow
        res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE');
    
        // Request headers you wish to allow
        res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,content-type');
    
        // Set to true if you need the website to include cookies in the requests sent
        // to the API (e.g. in case you use sessions)
        res.setHeader('Access-Control-Allow-Credentials', true);
    
        // Pass to next layer of middleware
        next();
    });
    

    Hope that helps!

    0 讨论(0)
  • 2020-11-22 03:24
    app.all('*', function(req, res,next) {
        /**
         * Response settings
         * @type {Object}
         */
        var responseSettings = {
            "AccessControlAllowOrigin": req.headers.origin,
            "AccessControlAllowHeaders": "Content-Type,X-CSRF-Token, X-Requested-With, Accept, Accept-Version, Content-Length, Content-MD5,  Date, X-Api-Version, X-File-Name",
            "AccessControlAllowMethods": "POST, GET, PUT, DELETE, OPTIONS",
            "AccessControlAllowCredentials": true
        };
    
        /**
         * Headers
         */
        res.header("Access-Control-Allow-Credentials", responseSettings.AccessControlAllowCredentials);
        res.header("Access-Control-Allow-Origin",  responseSettings.AccessControlAllowOrigin);
        res.header("Access-Control-Allow-Headers", (req.headers['access-control-request-headers']) ? req.headers['access-control-request-headers'] : "x-requested-with");
        res.header("Access-Control-Allow-Methods", (req.headers['access-control-request-method']) ? req.headers['access-control-request-method'] : responseSettings.AccessControlAllowMethods);
    
        if ('OPTIONS' == req.method) {
            res.send(200);
        }
        else {
            next();
        }
    
    
    });
    
    0 讨论(0)
  • 2020-11-22 03:28

    The answer code allow only to localhost:8888. This code can't be deployed to the production, or different server and port name.

    To get it working for all sources, use this instead:

    // Add headers
    app.use(function (req, res, next) {
    
        // Website you wish to allow to connect
        res.setHeader('Access-Control-Allow-Origin', '*');
    
        // Request methods you wish to allow
        res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE');
    
        // Request headers you wish to allow
        res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,content-type');
    
        // Set to true if you need the website to include cookies in the requests sent
        // to the API (e.g. in case you use sessions)
        res.setHeader('Access-Control-Allow-Credentials', true);
    
        // Pass to next layer of middleware
        next();
    });
    
    0 讨论(0)
  • 2020-11-22 03:32

    Install cors dependency in your project:

    npm i --save cors
    

    Add to your server configuration file the following:

    var cors = require('cors');
    app.use(cors());
    

    It works for me with 2.8.4 cors version.

    0 讨论(0)
  • 2020-11-22 03:32

    Apart from all listed answers, I had the same error

    I have both access to frontend and backend, I already added cors module app.use(cors()); Still, I was struggling with this error.

    After some debugging, I found the issue. When I upload a media which size was more than 1 MB then the error was thrown by Nginx server

    <html>
    
    <head>
        <title>413 Request Entity Too Large</title>
    </head>
    
    <body>
        <center>
            <h1>413 Request Entity Too Large</h1>
        </center>
        <hr>
        <center>nginx/1.18.0</center>
    </body>
    
    </html>
    

    But in the console of frontend, I found the error

    Access to XMLHttpRequest at 'https://api.yourbackend.com' from origin 'https://web.yourfromntend.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
    

    So It makes confusion here. But the route cause of this error was from nginx configuration. It's just because the directive client_max_body_size value has been set to 0 by default. It determines what the allowable HTTP request size can be is client_max_body_size. This directive may already be defined in your nginx.conf file located at /etc/nginx/nginx.conf Now you need to add/edit the value of the directive client_max_body_size either at http or server.

    server {
        client_max_body_size 100M;
        ...
    }
    

    Once you have set your desired value, save your changes and reload Nginx: service nginx reload

    After these changes, It's working well

    REFERENCE: https://www.keycdn.com/support/413-request-entity-too-large#:~:text=%23,processed%20by%20the%20web%20server.&text=An%20example%20request%2C%20that%20may,e.g.%20a%20large%20media%20file).

    0 讨论(0)
提交回复
热议问题