Access-Control-Allow-Header不允许使用Access-Control-Allow-Origin
彭金|
我有两个单独的服务器,一个是带有节点的nginx,另一个是带有django-rest-framework的django,用于构建ding REST API,nginx负责REST API请求,节点负责客户端请求,我也使用polymer用于前端。下面是一个简短说明:
机器一:
nginx:192.168.239.149:8888 (API listening address) forward to 192.168.239.147:8080
node:192.168.239.149:80 (client listening address)
机器二:
unicorn:192.168.239.147:8080(listening address)
该过程是当请求进入时,节点服务器(192.168.239.149:80)响应以返回html,在html中,AJAX请求中请求一个PI Server(nginx:192.168.239.149:8888 forward to unicorn:192.168.239.147:8080),然后unicorn(192.168.239.147:8080)返回结果。
但是有一个CORS问题,我读了很多文章,很多人也遇到了同样的问题,我尝试了很多方法,但是没有帮助。仍然出错。
我得到的是:
那是:
XMLHttpRequest cannot load http://192.168.239.149:8888/article/. Request header field Access-Control-Allow-Origin is not allowed by Access-Control-Allow-Headers.
我所做的是:
<core-ajax auto headers='{"Access-Control-Allow-Origin":"*","X-Requested-With": "XMLHttpRequest"}' url="http://192.168.239.149:8888/article/" handleAs="json" response="{{response}}"></core-ajax>
nginx:
http {
include mime.types;
default_type application/octet-stream;
access_log /tmp/nginx.access.log;
sendfile on;
upstream realservers{
#server 192.168.239.140:8080;
#server 192.168.239.138:8000;
server 192.168.239.147:8080;
}
server {
listen 8888 default;
server_name example.com;
client_max_body_size 4G;
keepalive_timeout 5;
location / {
add_header Access-Control-Allow-Origin *;
try_files $uri $uri/index.html $uri.html @proxy_to_app;
}
location @proxy_to_app{
add_header Access-Control-Allow-Origin *;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
#proxy_set_header X-Real-IP $remote_addr;
proxy_redirect off;
proxy_pass http://realservers;
}
}
}
节点:
app.listen(80, function() {
console.log('server.js running');
});
独角兽:
return Response(serializer.data,headers={'Access-Control-Allow-Origin':'*',
'Access-Control-Allow-Methods':'GET',
'Access-Control-Allow-Headers':'Access-Control-Allow-Origin, x-requested-with, content-type',
})
因为,我对CORS没有太多的经验,并且我想彻底地理解它,所以有人可以指出我在这里做错了什么,我将非常感谢!
彭金|
哇,太激动了,我自己解决了这一切,这是我做的错是我发送的请求标头未包含在nginx配置中 add_header 'Access-Control-Allow-Headers'
完整的nginx配置:
http {
include mime.types;
default_type application/octet-stream;
access_log /tmp/nginx.access.log;
sendfile on;
upstream realservers{
#server 192.168.239.140:8080;
#server 192.168.239.138:8000;
server 192.168.239.147:8080;
}
server {
listen 8888 default;
server_name example.com;
client_max_body_size 4G;
keepalive_timeout 5;
location / {
add_header Access-Control-Allow-Origin *;
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Access-Control-Allow-Orgin,XMLHttpRequest,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With';
try_files $uri $uri/index.html $uri.html @proxy_to_app;
}
location @proxy_to_app{
add_header Access-Control-Allow-Origin *;
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'Access-Control-Allow-Orgin,XMLHttpRequest,Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With';
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
#proxy_set_header X-Real-IP $remote_addr;
proxy_redirect off;
proxy_pass http://realservers;
}
}
}
因为我的要求是:
core-ajax auto headers='{"Access-Control-Allow-Origin":"*","X-Requested-With": "XMLHttpRequest"}' url="http://192.168.239.149:8888/article/" handleAs="json" response="{{response}}"></core-ajax>
我没有在Nginx配置中包含Access-Control-Allow-Origin和XMLHttpRequest标头Access-Control-Allow-Headers,所以这就是问题所在。
我希望它对遇到同样问题的人有用!
本文收集自互联网,转载请注明来源。
如有侵权,请联系[email protected] 删除。
编辑于
相关文章
Related 相关文章
- 1
Access-Control-Allow-Origin不允许使用Rails 3和Angularjs Origin http:// localhost。
- 2
Cordova iOS错误:Access-Control-Allow-Origin不允许使用Origin null
- 3
捕获“ Access-Control-Allow-Origin不允许使用Origin”错误
- 4
Chrome-Origin null不允许被Access-Control-Allow-Origin使用
- 5
Safari上使用通用分析的Access-Control-Allow-Origin不允许使用
- 6
Safari的CORS问题:Access-Control-Allow-Origin不允许使用起源
- 7
Access-Control-Allow-Origin不允许使用原始http:// localhost。
- 8
Access-Control-Allow-Origin不允许使用来源https://demo.example.com
- 9
Access-Control-Allow-Origin不允许使用原始http:// localhost。
- 10
Angular.js / Sails.js:Access-Control-Allow-Headers不允许Access-Control-Allow-Origin
- 11
Soundcloud API-Access-Control-Allow-Origin不允许Origin <mysite>
- 12
Chrome-Origin null不允许Access-Control-Allow-Origin
- 13
Access-Control-Allow-Origin 不允许 Origin 没有解决方案
- 14
Android Web视图中的Access-Control-Allow-Origin.:1不允许使用Origin无效吗?
- 15
Twitter:仅应用程序身份验证错误Access-Control-Allow-Origin不允许使用Origin null
- 16
AngularJS:无法加载资源:Chrome中的Access-Control-Allow-Origin不允许使用Origin null
- 17
Access-Control-Allow-Origin:当凭据标志为true时不允许使用“ *”,但没有Access-Control-Allow-Credentials标头
- 18
Chrome扩展程序-Access-Control-Allow-Origin不允许
- 19
XMLHttpRequest无法加载URL。Access-Control-Allow-Origin不允许的来源
- 20
Laravel中不允许任何'Access-Control-Allow-Origin'标头
- 21
$ .ajax调用中不允许Access-Control-Allow-Origin
- 22
Laravel中不允许任何'Access-Control-Allow-Origin'标头
- 23
Ajax API调用Access-Control-Allow-Origin。不允许来源访问
- 24
不允许请求标头字段Access-Control-Allow-Origin
- 25
https的CORS Access-Control-Allow-Origin
- 26
XMLHttpRequest 'Access-Control-Allow-Origin' 错误
- 27
不允许多个 CORS 标头“Access-Control-Allow-Origin”/缺少 CORS 标头“Access-Control-Allow-Origin”)
- 28
没有CORS标头的Access-Control-Allow-Origin不允许处理Origin http:// localhost
- 29
飞行前响应中Access-Control-Allow-Headers不允许请求标头字段Access-Control-Allow-Origin
我来说两句