如何在所有文件上启用express.js 4.x上的CORS?
我不断收到
跨源请求被阻止:相同来源策略不允许阅读http://example.com:2013/socket.io/?EIO=3&transport=polling&t=1433950808025-0的远程资源。 (原因:CORS请求失败)。
而我尝试访问我的node.js。 这对我不起作用:
app.use(function(req, res, next) { res.header("Access-Control-Allow-Origin", "*"); res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept"); next(); }); @edit:这是更新完整的代码:
var express = require('express'); var http = require('http'); var expressvar = express(); expressvar.use(function (req, res, next) { res.setHeader('Access-Control-Allow-Headers', 'accept, authorization, content-type, x-requested-with'); res.setHeader('Access-Control-Allow-Methods', 'GET,HEAD,PUT,PATCH,POST,DELETE'); res.setHeader('Access-Control-Allow-Origin', req.header('origin')); next(); }); expressvar.use(express.static('../')); expressvar.use("/socket.io", express.static('../socket.io')); var app = http.createServer(expressvar); var io = require('socket.io').listen(app); app.listen(2013);
试试这个解决scheme(编辑包含完整的工作代码)
var app = require('express')(); var server = require('http').Server(app); var io = require('socket.io')(server); io.set('origins', '*:*'); app.use(function(req, res, next) { res.header('Access-Control-Allow-Origin', req.get('Origin') || '*'); res.header('Access-Control-Allow-Credentials', 'true'); res.header('Access-Control-Allow-Methods', 'GET,HEAD,PUT,PATCH,POST,DELETE'); res.header('Access-Control-Expose-Headers', 'Content-Length'); res.header('Access-Control-Allow-Headers', 'Accept, Authorization, Content-Type, X-Requested-With, Range'); if (req.method === 'OPTIONS') { return res.send(200); } else { return next(); } }); server.listen(80); app.get('/', function (req, res) { res.send('OK'); }); io.on('connection', function (socket) { socket.emit('news', { hello: 'world' }); socket.on('my other event', function (data) { console.log(data); }); });
Cors包做这个
// npm install --save cors var express = require('express'); var cors = require('cors'); var app = express(); app.use(cors()); app.use(express.static()); app.get('*', function(){}); require('http').createServer(app).listen(3000)
尝试使用res.setHeader代替。
这个例子适用于我:
app.use(function (req, res, next) { res.setHeader('Access-Control-Allow-Headers', 'accept, authorization, content-type, x-requested-with'); res.setHeader('Access-Control-Allow-Methods', 'GET,HEAD,PUT,PATCH,POST,DELETE'); res.setHeader('Access-Control-Allow-Origin', req.header('origin')); next(); });
我有这个麻烦了很长一段时间你有一个app.configure函数? 如果是这样的话,结果是为我工作。
app.configure(function() { app.set('port', 3000); app.set('views', __dirname + '/views'); app.set('view engine', 'jade'); app.use(express.favicon()); app.use(express.logger('dev')); app.use(express.bodyParser()); app.use(express.methodOverride()); app.use(app.router); app.use(express.urlencoded()); app.use(express.json()); app.all('/*', function(req, res, next) { res.header('Access-Control-Allow-Origin', '*'); next(); });
在你的app.js里面添加下面这行代码:
var app = require('express')(); var server = require('http').Server(app); var io = require('socket.io')(server); server.listen(9081); app.all('*', function(req, res, next){ origin = req.get('Origin') || '*'; res.set('Access-Control-Allow-Origin', origin); res.set('Access-Control-Allow-Methods', 'GET, POST, OPTIONS'); res.set('Access-Control-Expose-Headers', 'Content-Length'); res.set('Access-Control-Allow-Credentials', 'true'); res.set('Access-Control-Allow-Headers', 'X-Requested-With, Content-Type'); // add the list of headers your site allows. if ('OPTIONS' == req.method) return res.send(200); next(); }); app.get('/', function (req, res) { res.sendfile(__dirname + '/index.html'); }); io.on('connection', function (socket) { socket.emit('news', { hello: 'world' }); socket.on('my other event', function (data) { console.log(data); }); });