jquery ajax https调用给出ERR_INSECURE_RESPONSE
我正在尝试从jquery到node.js进程进行https CORS ajax调用。 但是,当任何时候在控制台OPTIONS https://localhost/ net::ERR_INSECURE_RESPONSE进行调用chrome抱怨。
看一个类似的堆栈溢出的问题, 跨域请求从HTTP到HTTPS立即中止我应该能够使跨越来源https ajax调用,如果我导入自我签署的证书我作出。 所以我把这个证书导入了chrome。 我可以在权限下的chromepipe理证书选项卡中看到证书。 但是当我尝试ajax调用时它仍然失败。
这是我的私钥: openssl genrsa -out domain.key 4096
现在cert: openssl req -x509 -sha512 -nodes -newkey rsa:4096 -keyout domain.key -out domain.crt
对于通用名称,我把电脑的IP地址,以便铬不会抱怨URL不匹配。
这是html页面。
<!DOCTYPE html> <html> <title>BlackBox</title> <head> <meta charset="utf-8"> <script src="jquery-1.11.2.min.js"></script> <script src="bootstrap-3.3.4-dist/js/bootstrap.min.js"></script> <script src="login.js"></script> </head> <body> <div class="container-fluid"> <div class="row"> <div class=col-md-4> <h2> Welcome to BlackBox</h2> <label>username</label> <input type="text" name="username" id="username"> <label>password</label> <input type ="text" name="password" id="password"> <input type="button" id="loginbtn" value="Login"/> <div class="container"> <div class="row"> <div class="out"></div> </div> </div> </div> </div> </div> </body> </html>
这是与HTML一起的JavaScript。
$(document).ready(function() { $('#loginbtn').click(clickLogin); function clickLogin() { var username = $('#username').val(); var password = $('#password').val(); if(password == '' || username == '') { $(".out").html("Empty username or password"); } else { $.ajax({ type: "PUT", url: "https://localhost/", contentType: "application/json", data: JSON.stringify({ username: username, password: password, }), dataType: "text", }) } }; });
最后这里是服务于html和javascript的节点进程,并且假设接收ajax调用。
const fs = require("fs"); const http = require('http'); const https = require('https'); var loginPage = fs.readFileSync('login.html'); var loginPageJs = fs.readFileSync('login.js'); var jquery = fs.readFileSync('jquery-1.11.2.js'); var bootstrap = fs.readFileSync('bootstrap-3.3.4-dist/js/bootstrap.min.js') var options = { key: fs.readFileSync('domain.key'), cert: fs.readFileSync('domain.crt') }; http.createServer(function(req, res) { res.writeHead(301, {Location: 'https:192.168.1.58/'}) res.end(); }).listen(80); https.createServer(options, function(req, res) { if(req.method === 'GET' && req.url === '/') { res.writeHead(200, "OK", {'Content-Type': 'text/html'}); res.write(loginPage); res.end(); } else if(req.method === 'GET' && req.url === '/login.js') { res.writeHead(200, "OK", {'Content-Type': 'application/javascript'}); res.write(loginPageJs); res.end(); } else if(req.method === 'GET' && req.url === '/jquery-1.11.2.js') { res.writeHead(200, "OK", {'Content-Type': 'application/javascript'}); res.write(jquery); res.end(); } else if(req.method === 'GET' && req.url === '/bootstrap-3.3.4- dist/js/bootstrap.min.js') { res.writeHead(200, "OK", {'Content-Type': 'application/javascript'}); res.write(bootstrap); res.end(); } else if(req.method === "OPTIONS" && req.url === '/') { res.writeHead(204, "No Content", { "access-control-allow-origin": origin, "access-control-allow-methods": "GET, POST, PUT, DELETE, OPTIONS", "access-control-allow-headers": "content-type, accept", "access-control-max-age": 10, "content-length": 0 }); var requestBodyBuffer = []; req.on("data", function(chunk) { requestBodyBuffer.push(chunk); }) req.on("end", function() { var requestBody = requestBodyBuffer.join(""); var obj = JSON.parse(requestBody); if(obj.hasOwnProperty('username') && obj.hasOwnProperty('password')) { console.log(obj.username); console.log(obj.password); } }) } }).listen(443);
最近我写了一个whois查询应用程序,我也有这个问题,但最后检查所有的可能性后,它正常工作。
这是一个用于生成自签名证书的有用文章:
***在代码中的评论将帮助你****
index.js代码:
function checkAvailability(domainParsed) { $.ajax({ method : "GET", url : "https://localhost:55555/check", // Pay attention To This Line "Content-Type" : "application/json", data : {domain : domainParsed , array : postFixesArray } }).done(function(data) { availableDomanisToShow = data.availableDomains; registeredDomanisToShow = data.registeredDomains; }); }
server.js代码:
var bodyParser = require("body-parser") ; var unirest = require('unirest'); var https = require('https'); var http = require('http'); var fs = require('fs'); var express = require('express'); var app = express(); var registeredDomains = []; var availableDomains = []; var counter = 0 , i = 0; app.use(bodyParser.json({ type: 'application/json'})) ; app.use(bodyParser.urlencoded({ extended:true })) ; app.use(function(req, res, next) { res.header("Access-Control-Allow-Origin", "*"); // Pay attention To This Line --> Cross domain request res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept"); // Pay attention To This Line --> Cross domain request next(); }); app.use("/check",function(req,resp,next) { var fqdn,postfix; availableDomains = []; registeredDomains = [] while( i < req.query.array.length) { fqdn = req.query.domain + req.query.array[i]; postfix = req.query.array[i]; checkAvailability(fqdn,postfix,req.query.array.length); console.log(req.query.array.length) i++; } function checkAvailability(domain,postfix,length) { unirest.get('https://jsonwhois.com/api/v1/whois').headers({ 'Accept': 'application/json', 'Authorization': 'Token token=238d7da7fac57882a176cb14411d781a' }).query({ "domain" : domain }).end(function(response) { console.log(domain , response.body['available?']); if(true != response.body['available?']) { registeredDomains.push(postfix); counter++; if(counter == length) { counter = 0 ; i = 0; resp.json( { "registeredDomains" : registeredDomains , "availableDomains" : availableDomains } ); } } else { availableDomains.push(postfix); counter++; if(counter == length) { counter = 0 ; i = 0; resp.json( { "registeredDomains" : registeredDomains , "availableDomains" : availableDomains } ); } } }); } }); https.createServer({ key: fs.readFileSync('key.pem'), cert: fs.readFileSync('cert.pem') }, app).listen(55555); http.createServer(app).listen(8000); console.log("httpsServer are Listening on " + 55555); console.log("httpServer are Listening on " + 8000);