Fatal编程技术网
  • flask/
  • Flask firefox不允许CORS请求

Flask firefox不允许CORS请求

flask

Flask firefox不允许CORS请求,flask,Flask,vuejs在docker容器内运行,由以下人员提供服务: CMD [ "http-server", "dist" ] 在Vue.js mounted()中使用axios对flask api执行GET请求时,它会在网络选项卡中显示“阻塞”,访问其他REST-api可以正常工作 使用curl进行测试(localhost:6000为flask服务器): -curl正在从我真正的主机运行并连接到容器 curl -H "Origin: http://localhost:5000" -H "Acce

vuejs在docker容器内运行,由以下人员提供服务:

CMD [ "http-server", "dist" ]
在Vue.js mounted()中使用axios对flask api执行GET请求时,它会在网络选项卡中显示“阻塞”,访问其他REST-api可以正常工作

使用curl进行测试(localhost:6000为flask服务器):
-curl正在从我真正的主机运行并连接到容器

curl -H "Origin: http://localhost:5000"   
-H "Access-Control-Request-Method: GET"   -H "Access-Control-Request-Headers: X-Requested With"   
-X OPTIONS --verbose  http://localhost:6000/todo/api/v1.0/wheel/40  

*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 6000 (#0)
> OPTIONS /todo/api/v1.0/wheel/40 HTTP/1.1
> Host: localhost:6000
> User-Agent: curl/7.58.0
> Accept: */*
> Origin: http://localhost:5000
> Access-Control-Request-Method: GET
> Access-Control-Request-Headers: X-Requested-With
> 
* HTTP 1.0, assume close after body
< HTTP/1.0 200 OK
< Content-Type: text/html; charset=utf-8
< Allow: OPTIONS, GET, HEAD
< Access-Control-Allow-Origin: http://localhost:5000
< Access-Control-Allow-Headers: X-Requested-With
< Access-Control-Allow-Methods: DELETE, GET, HEAD, OPTIONS, PATCH, POST, PUT
< Vary: Origin
< Content-Length: 0
< Server: Werkzeug/1.0.0 Python/3.8.2
< Date: Sun, 15 Mar 2020 15:43:44 GMT
< 
* Closing connection 0
也显示了正常的回复。这不是一个很好的测试吗?

事实证明,mozilla允许某些协议使用某些端口,如下所示:

6000是“x11”端口,在该列表中-作为x11的端口,不用于xhr。因此,不在该列表中的每个端口都应该这样做。
原因:
Cert发布了一个漏洞说明VU#476267,用于“跨协议”脚本攻击,称为应用程序的
\uuu init\uuuuuuuuuuuuupy.py
文件中的HTML表单协议攻击。添加这些行,您就可以开始了

$pip安装烧瓶cors

来自flask_cors进口cors
app=烧瓶(名称)
CORS(应用程序)
阅读更多关于CORS的信息--

这通常是正确的答案,我应该补充说“tcpdump-i lo port 6000”没有显示任何流量,确认firefox没有发送所有数据如果API可以从CURL访问,这意味着问题不在Flask范围内,您是否可以分享一下您是如何在Vue.jse中调用API的?您是否阅读了在发表评论前一天发布的答案? 
curl -H "Origin: http://l:5000"   -H "Access-Control-Request-Method: GET"   -H "Access-Control-Request-Headers: X-Requested-With"  -v http://localhost:6000/todo/api/v1.0/wheel/40 
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 6000 (#0)
> GET /todo/api/v1.0/wheel/40 HTTP/1.1
> Host: localhost:6000
> User-Agent: curl/7.58.0
> Accept: */*
> Origin: http://l:5000
> Access-Control-Request-Method: GET
> Access-Control-Request-Headers: X-Requested-With
> 
* HTTP 1.0, assume close after body
< HTTP/1.0 200 OK
< Content-Type: application/json
< Content-Length: 39
< Access-Control-Allow-Origin: http://l:5000
< Vary: Origin
< Server: Werkzeug/1.0.0 Python/3.8.2
< Date: Sun, 15 Mar 2020 15:56:43 GMT
< 
{"result":{"model 1":0,"model 2":150}}
* Closing connection 0

-H "Origin: http://l:5000"