Javascript 如何在使用ajax请求时消除cors错误?
我正在尝试在跨域中使用passport使用Javascript 如何在使用ajax请求时消除cors错误?,javascript,node.js,express,cors,passport.js,Javascript,Node.js,Express,Cors,Passport.js,我正在尝试在跨域中使用passport使用express session进行会话 未能加载:对的响应 飞行前请求未通过访问控制检查:的值 响应中的“访问控制允许来源”标题不能是 当请求的凭据模式为“包括”时,使用通配符“*”。起源 因此不允许访问“”。这个 XMLHttpRequest启动的请求的凭据模式为 由withCredentials属性控制 这是我的全部密码 客户端索引.html <!DOCTYPE html> <html lang="en"> <hea
express session
进行会话
未能加载:对的响应
飞行前请求未通过访问控制检查:的值
响应中的“访问控制允许来源”标题不能是
当请求的凭据模式为“包括”时,使用通配符“*”。起源
因此不允许访问“”。这个
XMLHttpRequest启动的请求的凭据模式为
由withCredentials属性控制
这是我的全部密码
客户端索引.html
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="UTF-8">
<title>Title</title>
<link href="style/style.css" rel="stylesheet" type="text/css"/>
<script src="../node_modules/jquery/dist/jquery.js"></script>
<script src="jquery.js"></script>
</head>
<body>
<script>
$(function () {
$.ajax({
url: 'http://localhost:5000/users/login',
type: "POST",
contentType: "application/json; charset=utf-8",
data: JSON.stringify({id: 5}),
dataType: 'json',
xhrFields: {
withCredentials: true,
},
crossDomain: true,
success: function () {
console.log('success');
},
error: function () {
console.log('error')
}
});
})
</script>
</body>
</html>
app.js
var app = require('./app');
const PORT = process.env.PORT || 5000;
app.listen(PORT, () => {
console.log(`app is running on ${PORT}`);
})
const express = require('express');
const bodyParser = require('body-parser');
const cookieParser = require('cookie-parser');
const path = require('path');
const morgan = require('morgan');
const cors = require('cors');
const session = require('express-session');
const passport = require('passport');
const app = express();
// Middleware
app.use(bodyParser.urlencoded({extended: false}));
app.use(bodyParser.json());
app.use(morgan('dev'));
app.use(cookieParser());
app.use(cors());
app.use(cookieParser());
app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, authorization");
res.header("Access-Control-Allow-Methods", "GET,POST,DELETE,PUT,OPTIONS");
next();
});
app.use(session({
secret: 'secret',
resave: false,
domain: '.localhost:3000',
saveUninitialized: false,
cookie: {
domain: '.localhost:3000',
maxAge: 24 * 6 * 60 * 10000
},
}))
app.use(passport.initialize());
app.use(passport.session());
//Routes
app.use('/users', require('./routes/user.route'))
module.exports = app;
const passport = require('passport');
const passportConfig = require('../passport')
module.exports = {
login: async (req, res, next) => {
console.log(req.body);
try {
req.login(req.body.id, function () {
res.json({message: "Registration successfully"});
})
} catch (e) {
console.log(e)
}
},
}
const passport = require('passport');
passport.serializeUser(function(id, done) {
console.log('ddd');
// console.log(user);
done(null, id);
});
passport.deserializeUser(function(id, done) {
console.log('deserializeUser');
done(null, id);
// db.User.findById(id, function (err, user) {
// done(err, user);
// });
});
const express = require('express');
const router = require('express-promise-router')();
const controller = require('../controllers/user.controller');
router.route('/login',)
.post(controller.login)
module.exports = router;
controller.js
var app = require('./app');
const PORT = process.env.PORT || 5000;
app.listen(PORT, () => {
console.log(`app is running on ${PORT}`);
})
const express = require('express');
const bodyParser = require('body-parser');
const cookieParser = require('cookie-parser');
const path = require('path');
const morgan = require('morgan');
const cors = require('cors');
const session = require('express-session');
const passport = require('passport');
const app = express();
// Middleware
app.use(bodyParser.urlencoded({extended: false}));
app.use(bodyParser.json());
app.use(morgan('dev'));
app.use(cookieParser());
app.use(cors());
app.use(cookieParser());
app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, authorization");
res.header("Access-Control-Allow-Methods", "GET,POST,DELETE,PUT,OPTIONS");
next();
});
app.use(session({
secret: 'secret',
resave: false,
domain: '.localhost:3000',
saveUninitialized: false,
cookie: {
domain: '.localhost:3000',
maxAge: 24 * 6 * 60 * 10000
},
}))
app.use(passport.initialize());
app.use(passport.session());
//Routes
app.use('/users', require('./routes/user.route'))
module.exports = app;
const passport = require('passport');
const passportConfig = require('../passport')
module.exports = {
login: async (req, res, next) => {
console.log(req.body);
try {
req.login(req.body.id, function () {
res.json({message: "Registration successfully"});
})
} catch (e) {
console.log(e)
}
},
}
const passport = require('passport');
passport.serializeUser(function(id, done) {
console.log('ddd');
// console.log(user);
done(null, id);
});
passport.deserializeUser(function(id, done) {
console.log('deserializeUser');
done(null, id);
// db.User.findById(id, function (err, user) {
// done(err, user);
// });
});
const express = require('express');
const router = require('express-promise-router')();
const controller = require('../controllers/user.controller');
router.route('/login',)
.post(controller.login)
module.exports = router;
passport.js
var app = require('./app');
const PORT = process.env.PORT || 5000;
app.listen(PORT, () => {
console.log(`app is running on ${PORT}`);
})
const express = require('express');
const bodyParser = require('body-parser');
const cookieParser = require('cookie-parser');
const path = require('path');
const morgan = require('morgan');
const cors = require('cors');
const session = require('express-session');
const passport = require('passport');
const app = express();
// Middleware
app.use(bodyParser.urlencoded({extended: false}));
app.use(bodyParser.json());
app.use(morgan('dev'));
app.use(cookieParser());
app.use(cors());
app.use(cookieParser());
app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, authorization");
res.header("Access-Control-Allow-Methods", "GET,POST,DELETE,PUT,OPTIONS");
next();
});
app.use(session({
secret: 'secret',
resave: false,
domain: '.localhost:3000',
saveUninitialized: false,
cookie: {
domain: '.localhost:3000',
maxAge: 24 * 6 * 60 * 10000
},
}))
app.use(passport.initialize());
app.use(passport.session());
//Routes
app.use('/users', require('./routes/user.route'))
module.exports = app;
const passport = require('passport');
const passportConfig = require('../passport')
module.exports = {
login: async (req, res, next) => {
console.log(req.body);
try {
req.login(req.body.id, function () {
res.json({message: "Registration successfully"});
})
} catch (e) {
console.log(e)
}
},
}
const passport = require('passport');
passport.serializeUser(function(id, done) {
console.log('ddd');
// console.log(user);
done(null, id);
});
passport.deserializeUser(function(id, done) {
console.log('deserializeUser');
done(null, id);
// db.User.findById(id, function (err, user) {
// done(err, user);
// });
});
const express = require('express');
const router = require('express-promise-router')();
const controller = require('../controllers/user.controller');
router.route('/login',)
.post(controller.login)
module.exports = router;
路线
var app = require('./app');
const PORT = process.env.PORT || 5000;
app.listen(PORT, () => {
console.log(`app is running on ${PORT}`);
})
const express = require('express');
const bodyParser = require('body-parser');
const cookieParser = require('cookie-parser');
const path = require('path');
const morgan = require('morgan');
const cors = require('cors');
const session = require('express-session');
const passport = require('passport');
const app = express();
// Middleware
app.use(bodyParser.urlencoded({extended: false}));
app.use(bodyParser.json());
app.use(morgan('dev'));
app.use(cookieParser());
app.use(cors());
app.use(cookieParser());
app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, authorization");
res.header("Access-Control-Allow-Methods", "GET,POST,DELETE,PUT,OPTIONS");
next();
});
app.use(session({
secret: 'secret',
resave: false,
domain: '.localhost:3000',
saveUninitialized: false,
cookie: {
domain: '.localhost:3000',
maxAge: 24 * 6 * 60 * 10000
},
}))
app.use(passport.initialize());
app.use(passport.session());
//Routes
app.use('/users', require('./routes/user.route'))
module.exports = app;
const passport = require('passport');
const passportConfig = require('../passport')
module.exports = {
login: async (req, res, next) => {
console.log(req.body);
try {
req.login(req.body.id, function () {
res.json({message: "Registration successfully"});
})
} catch (e) {
console.log(e)
}
},
}
const passport = require('passport');
passport.serializeUser(function(id, done) {
console.log('ddd');
// console.log(user);
done(null, id);
});
passport.deserializeUser(function(id, done) {
console.log('deserializeUser');
done(null, id);
// db.User.findById(id, function (err, user) {
// done(err, user);
// });
});
const express = require('express');
const router = require('express-promise-router')();
const controller = require('../controllers/user.controller');
router.route('/login',)
.post(controller.login)
module.exports = router;
我想在跨域中添加会话。我已经应用了cors插件,但仍然出现相同的错误。最简单的方法是使用node.js包。最简单的用法是:
var cors = require('cors')
var app = express();
app.use(cors());
在ajax中使用带有凭据的时:true
,cors需要如下配置
app.use(cors({origin: 'http://localhost:3000', credentials: true}));
你就快解决了。您需要在
Access Control Allow Origin
标题值中发送实际允许的主机,而不是*
如果要允许所有来源,则可以在CORS中间件中包含req.headers.origin
的Access Control allow origin
头值:
app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", req.headers.origin);
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, authorization");
res.header("Access-Control-Allow-Methods", "GET,POST,DELETE,PUT,OPTIONS");
next();
});
@LaxmikantDange的可能副本我已经应用了这些内容这不是一个复杂的问题请删除此答案您是否配置了源代码?不工作请在github上签出我的代码。如果您有2分钟的时间,请让我知道我哪里做错了您需要在访问控制中添加凭据(请参阅更新的答案)在使用cors(`res.header(“访问控制允许来源”);`这是一个问题。!所以请注释`app.use(function(req,res,next){res.header(“访问控制允许来源”),“*”;res.header(“访问控制允许来源”,“来源,X-request-With,Content-Type,Accept,authorization”);res.header(“访问控制允许方法”、“GET、POST、DELETE、PUT、OPTIONS”);next();};*/``让我们来看看。