我使用碼頭運行一個前端反應應用程序和一個節點/快遞API。 反應應用程序在localhost:3000
上運行,API正在localhost:9000
上運行。他們都是功能齊全的工作應用程序。然而,當我試圖讓從應用程序做出反應REST調用來http://localhost:9000/api/whatever
我收到以下錯誤沒有'Access-Control-Allow-Origin'反應快速碼頭應用程序
XMLHttpRequest cannot load http://localhost:9000/api/schedule. No
Access-Control-Allow-Origin' header is present on the requested
resource. Origin 'http://localhost:3000' is therefore not allowed access.`
這是我表達我的API文件server.js:
const express = require('express');
const port = process.env.PORT || 9000;
const app = express();
require('./app/routes')(app);
app.use(function(req, res, next) {
// Website you wish to allow to connect
res.setHeader('Access-Control-Allow-Origin', 'http://localhost:3000');
// Request methods you wish to allow
res.setHeader('Access-Control-Allow-Methods', 'GET');
// Request headers you wish to allow
res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,content-type');
// Set to true if you need the website to include cookies in the requests sent
// to the API (e.g. in case you use sessions)
res.setHeader('Access-Control-Allow-Credentials', true);
// Pass to next layer of middleware
next();
});
app.listen(port,() => {
console.log('listening on port : ' + port);
})
不知道是什麼我在這裏失蹤。
Chrome的網絡標籤:
Request URL:http://localhost:9000/api/schedule
Request Method:GET
Status Code:200 OK
Remote Address:[::1]:9000
Response Headers
view source
Connection:keep-alive
Content-Length:86
Content-Type:application/json; charset=utf-8
Date:Mon, 10 Apr 2017 04:40:06 GMT
ETag:W/"56-l2wi6AdD2GGTOMvRjRYO96YmR0w"
X-Powered-By:Express
Request Headers
view source
Accept:application/json, text/plain, */*
Accept-Encoding:gzip, deflate, sdch, br
Accept-Language:en-US,en;q=0.8
Connection:keep-alive
Host:localhost:9000
Origin:http://localhost:3000
Referer:http://localhost:3000/
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.87 Safari/537.36
首先,你是否只做GET請求?其次,你是否在你的請求中設置了任何「非標準」標題?第三,發佈瀏覽器代碼太難了嗎? –
是的API現在只有GET。不設置任何不標準的東西。只需使用axios.get()。將更新與網絡選項卡 – erichardson30
好吧,肯定沒有CORS標題在'響應頭' –