Javascript 服务器无法使用从应用程序发送的应用程序/xml请求
我有一个Javascript应用程序生成XML并将其发送到RESTAPI。API应为内容类型:application/xml。我已尝试以不同的格式将XML附加到请求:Javascript 服务器无法使用从应用程序发送的应用程序/xml请求,javascript,http,request,application-xml,Javascript,Http,Request,Application Xml,我有一个Javascript应用程序生成XML并将其发送到RESTAPI。API应为内容类型:application/xml。我已尝试以不同的格式将XML附加到请求: import {create} from 'xmlbuilder2'; const rawXML = '<?xml version="1.0" encoding="UTF-8"?><TokenExchangeRequest xmlns="http://schemas.nav.gov.hu/OSA
import {create} from 'xmlbuilder2';
const rawXML = '<?xml version="1.0" encoding="UTF-8"?><TokenExchangeRequest xmlns="http://schemas.nav.gov.hu/OSA/2.0/api"><header><requestId>202003201315421</requestId><timestamp>2020-03-20T13:15:42.941Z</timestamp><requestVersion>2.0</requestVersion><headerVersion>1.0</headerVersion></header><user><login>vbdznuownd8murm</login><passwordHash>D6CD2AF6CD5912B800EC3050477E788C84804800A0235E93C7B47A436FD730504BFC979F44EB4C745F2968FE35772E1193F95BDC8DDFDC998A18C7E9E9718F28</passwordHash><taxNumber>66604093</taxNumber><requestSignature>EE265DA5AC4ADA7BBAD2D15581AA230CE50C90D9B7075814866BD43E92B30BCC0E52BA8355E0A09AB38F33D5EF7B502983ACBC5E42532C5EB8479BFDE5031AD2</requestSignature></user><software><softwareId>123456789123456789</softwareId><softwareName>placeholder</softwareName><softwareOperation>LOCAL_SOFTWARE</softwareOperation><softwareMainVersion>placeholder</softwareMainVersion><softwareDevName>placeholder</softwareDevName><softwareDevContact>placeholder</softwareDevContact><softwareDevCountryCode>HU</softwareDevCountryCode><softwareDevTaxNumber>placeholder</softwareDevTaxNumber></software></TokenExchangeRequest>'
let parser = new DOMParser();
let parserXML = parser.parseFromString(rawXML, "application/xml");
let xmlbuilderXML = create(rawXML);
fetch('https://api-test.onlineszamla.nav.gov.hu/invoiceService/v2/tokenExchange', {
method: 'POST', // *GET, POST, PUT, DELETE, etc.
mode: 'no-cors', // no-cors, *cors, same-origin
cache: 'no-cache', // *default, no-cache, reload, force-cache, only-if-cached
credentials: 'same-origin', // include, *same-origin, omit
headers: {
'Content-Type': 'application/xml',
'accept': 'application/xml'
// 'Content-Type': 'application/x-www-form-urlencoded',
},
redirect: 'follow', // manual, *follow, error
referrerPolicy: 'no-referrer', // no-referrer, *client
body: rawXML // body data type must match "Content-Type" header
});
首先,您必须删除
无cor
,因为无cor
中不允许使用应用程序/xml
。()
要解决这个问题,您必须配置(重新配置)后端以接受这样的请求。您可以找到Node.js的示例。我已经设法解决了这个问题。这比我想象的更具体。这是一个电子应用程序。我已经在主窗口上关闭了web安全,现在它可以正常工作了。
@埃弗特在评论中帮助我得出了这个结论。试着删除“模式:'无cors'”@ariel这有什么帮助?服务器显然正在接受我的请求。问题出在身体上。
没有cors
不符合大多数人的想法。我想它实际上会把尸体掉下来。通常情况下,除非是非常特殊的情况,否则您不希望没有cors
。我想在你的例子中,no-cors
也会重写内容类型,因为application/xml
在no-cors
中是不允许的。这个问题启发了我写这篇文章:这不是我第一次看到人们碰到这个问题。不是你问题的解决方案,但解决方案的第一步确实是删除无COR
,然后,我可能可以帮助你找到真正的答案。在删除无cors
后,您可能会收到不同的错误,我希望看到它。
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><GeneralExceptionResponse xmlns="http://schemas.nav.gov.hu/OSA/2.0/api" xmlns:ns2="http://schemas.nav.gov.hu/OSA/2.0/data"><funcCode>ERROR</funcCode><errorCode>OPERATION_FAILED</errorCode><message>RESTEASY003065: Cannot consume content type</message></GeneralExceptionResponse>
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<GeneralErrorResponse xmlns="http://schemas.nav.gov.hu/OSA/2.0/api" xmlns:ns2="http://schemas.nav.gov.hu/OSA/2.0/data">
<result>
<funcCode>ERROR</funcCode>
<errorCode>INVALID_REQUEST</errorCode>
<message>Helytelen kérés!</message>
</result>
<technicalValidationMessages>
<validationResultCode>ERROR</validationResultCode>
<validationErrorCode>SCHEMA_VIOLATION</validationErrorCode>
<message>Request body contains error: [cvc-pattern-valid: Value 'login' is not facet-valid with respect to pattern '[a-zA-Z0-9]{6,15}' for type 'LoginType'.]</message>
</technicalValidationMessages>
<technicalValidationMessages>
<validationResultCode>ERROR</validationResultCode>
<validationErrorCode>SCHEMA_VIOLATION</validationErrorCode>
<message>Field [login] contains error: [cvc-type.3.1.3: The value 'login' of element 'login' is not valid.]</message>
</technicalValidationMessages>
<technicalValidationMessages>
<validationResultCode>ERROR</validationResultCode>
<validationErrorCode>SCHEMA_VIOLATION</validationErrorCode>
<message>Request body contains error: [cvc-pattern-valid: Value '' is not facet-valid with respect to pattern '[0-9A-F]{128}' for type 'Sha512HashType'.]</message>
</technicalValidationMessages>
<technicalValidationMessages>
<validationResultCode>ERROR</validationResultCode>
<validationErrorCode>SCHEMA_VIOLATION</validationErrorCode>
<message>Field [passwordHash] contains error: [cvc-type.3.1.3: The value '' of element 'passwordHash' is not valid.]</message>
</technicalValidationMessages>
<technicalValidationMessages>
<validationResultCode>ERROR</validationResultCode>
<validationErrorCode>SCHEMA_VIOLATION</validationErrorCode>
<message>Request body contains error: [cvc-pattern-valid: Value '' is not facet-valid with respect to pattern '[0-9A-F]{128}' for type 'Sha512HashType'.]</message>
</technicalValidationMessages>
<technicalValidationMessages>
<validationResultCode>ERROR</validationResultCode>
<validationErrorCode>SCHEMA_VIOLATION</validationErrorCode>
<message>Field [requestSignature] contains error: [cvc-type.3.1.3: The value '' of element 'requestSignature' is not valid.]</message>
</technicalValidationMessages>
</GeneralErrorResponse>
{
"info": {
"_postman_id": "9e2f2870-d35b-45b0-8d35-a81d190a8679",
"name": "NAV",
"schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json"
},
"item": [
{
"name": "tokenExchange",
"request": {
"method": "POST",
"header": [
{
"key": "Content-Type",
"name": "Content-Type",
"value": "application/xml",
"type": "text"
},
{
"key": "accept",
"value": "application/xml",
"type": "text"
}
],
"body": {
"mode": "raw",
"raw": "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n<TokenExchangeRequest xmlns=\"http://schemas.nav.gov.hu/OSA/2.0/api\">\n <header>\n <requestId>202003201315421</requestId>\n <timestamp>2020-03-20T13:15:42.941Z</timestamp>\n <requestVersion>2.0</requestVersion>\n <headerVersion>1.0</headerVersion>\n </header>\n <user>\n <login>login</login>\n <passwordHash></passwordHash>\n <taxNumber>12345678</taxNumber>\n <requestSignature></requestSignature>\n </user>\n <software>\n <softwareId>123456789123456789</softwareId>\n <softwareName>placeholder</softwareName>\n <softwareOperation>LOCAL_SOFTWARE</softwareOperation>\n <softwareMainVersion>placeholder</softwareMainVersion>\n <softwareDevName>placeholder</softwareDevName>\n <softwareDevContact>placeholder</softwareDevContact>\n <softwareDevCountryCode>HU</softwareDevCountryCode>\n <softwareDevTaxNumber>placeholder</softwareDevTaxNumber>\n </software>\n</TokenExchangeRequest>",
"options": {
"raw": {
"language": "xml"
}
}
},
"url": {
"raw": "https://api-test.onlineszamla.nav.gov.hu/invoiceService/v2/tokenExchange",
"protocol": "https",
"host": [
"api-test",
"onlineszamla",
"nav",
"gov",
"hu"
],
"path": [
"invoiceService",
"v2",
"tokenExchange"
]
}
},
"response": []
}
],
"protocolProfileBehavior": {}
}
<html><head><meta http-equiv='content-type' content='text/html;charset=utf-8'><title>400 Bad Request</title></head><body text=#000000 bgcolor=#ffffff><H1>400 Bad Request</H1></BR>An HTTP protocol violation was detected and your request was denied.</BR>SessionID: aZYz1fRA::02<BR>Date: 2020-03-20 09:05:33</body></html>
Failed to load https://api-test.onlineszamla.nav.gov.hu/invoiceService/v2/tokenExchange: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:9080' is therefore not allowed access. The response had HTTP status code 400. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.