Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/ruby-on-rails/52.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Ruby on rails 访问控制允许源站不处理主干json请求、Nginx设置”;“大开”;,头看起来不错_Ruby On Rails_Nginx_Cors_Access Control - Fatal编程技术网
Fatal编程技术网
  • ruby-on-rails/
  • Ruby on rails 访问控制允许源站不处理主干json请求、Nginx设置”;“大开”;,头看起来不错

Ruby on rails 访问控制允许源站不处理主干json请求、Nginx设置”;“大开”;,头看起来不错

ruby-on-rails nginx cors

Ruby on rails 访问控制允许源站不处理主干json请求、Nginx设置”;“大开”;,头看起来不错,ruby-on-rails,nginx,cors,access-control,Ruby On Rails,Nginx,Cors,Access Control,您好,我需要从主干向API发出json请求(我可以控制服务器端)。。 虽然响应头看起来不错,但我一直在获取访问控制允许源代码 以下是Nginx设置: location / { if ($request_method = 'OPTIONS') { add_header 'Access-Control-Allow-Origin' '*'; add_header 'Access-Control-Allow-Credentials' 'true';

您好,我需要从主干向API发出json请求(我可以控制服务器端)。。 虽然响应头看起来不错,但我一直在获取访问控制允许源代码

以下是Nginx设置:

location / {
     if ($request_method = 'OPTIONS') {
        add_header 'Access-Control-Allow-Origin' '*';
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
        add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
        add_header 'Access-Control-Max-Age' 1728000;
        add_header 'Content-Type' 'text/plain charset=UTF-8';
        add_header 'Content-Length' 0;
        return 204;
     }
     if ($request_method = 'POST') {
        add_header 'Access-Control-Allow-Origin' '*';
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
        add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
     }
     if ($request_method = 'GET') {
        add_header 'Access-Control-Allow-Origin' '*';
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
        add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
     }
passenger_enabled on;
}
以下是来自控制台的请求/响应头:

Request headers
DNT: 1
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5) AppleWebKit/534.57.7 (KHTML, like Gecko) Version/5.1.7 Safari/534.57.7
Accept: */*;q=0.5, text/javascript, application/javascript, application/ecmascript, application/x-ecmascript
Referer: http://<address>/

Response Headers
Access-Control-Request-Method: *
X-Powered-By: Phusion Passenger (mod_rails/mod_rack) 3.0.14
Transfer-Encoding: Identity
Status: 200
Connection: keep-alive
X-Request-Id: 2917f130c8699182ee9cdc047c1926fe
X-UA-Compatible: IE=Edge,chrome=1
X-Runtime: 0.455212
Server: nginx/1.2.2 + Phusion Passenger 3.0.14 (mod_rails/mod_rack)
Etag: "346cee46bab7061e866fa064df95c845"
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=0, private, must-revalidate
Set-Cookie: _y_app_session=BAh7CEkiD3Nlc3Npb25faWQGOgZFRkkiJWE2Zjg3YWQ0NDFjZWNiM2VmNTg2ZDhiYmIyOGFlYmIwBjsAVEkiEF9jc3JmX3Rva2VuBjsARkkiMUxBSzFKTDJQWG1sa2dhbXRLM2ptQmxjenRkZEdJeVh1MDFhaUVuaXE1dFE9BjsARkkiCmZsYXNoBjsARm86JUFjdGlvbkRpc3BhdGNoOjpGbGFzaDo6Rmxhc2hIYXNoCToKQHVzZWRvOghTZXQGOgpAaGFzaHsAOgxAY2xvc2VkRjoNQGZsYXNoZXN7CDoLbm90aWNlMDoLZXJyb3JzMDoKZXJyb3IwOglAbm93MA%3D%3D--648ffcb1b2869f1da57773459307ca1ac5fb8bfb; path=/; HttpOnly
Access-Control-Allow-Headers: *
所以我可以做到:

 var xhr = new XMLHttpRequest()
 xhr.open('GET', 'http://www.api.com/plots.json')
 xhr.send();
当我通过主干网获取具有http://www.api.com/plots.json'作为url,我得到相同的源错误

**更新**

所以我切换到了更多的\u set\u头,现在可以执行.fetch()。。。仍然无法发布或执行集合。create()

以下是最新的Nginx设置:

server {

              listen 80;
              server_name api.app.com;
              root /home/ubuntu/app/current/public;
              passenger_enabled on;


    location / {
        if ($request_method = 'OPTIONS') {
             more_set_headers 'Access-Control-Allow-Origin: *';
             more_set_headers "Access-Control-Allow-Methods: OPTIONS, GET, PUT, DELETE, POST";
             more_set_headers "Access-Control-Allow-Headers:  x-requested-with";
             more_set_headers "Access-Control-Max-Age: 1728000";
             more_set_headers 'Content-Type: text/plain; charset=UTF-8';
             more_set_headers 'application/json; charset=utf-8';
             return 200;
            }

          if ($request_method = 'POST') {
           more_set_headers "Access-Control-Allow-Origin: http://vidoai.com";
           more_set_headers "Access-Control-Allow-Methods: GET, POST, OPTIONS";
           more_set_headers 'Access-Control-Allow-Headers: DNT, X-Mx-ReqToken, Keep-Alive,  User-Agent, X-Requested-With, If-Modified-Since, Cache-Control, Content-Type';
           more_set_headers 'Content-Type: application/json, text/javascript,  */*';
         }


passenger_enabled on;
    }


        if ($request_method !~ ^(GET|HEAD|POST|PUT|DELETE)$ ) {
           return 444;  # block requests that Rails doesn't handle
          }





}
我错过了什么

在这一行中:

if ($request_method !~ ^(GET|HEAD|POST|PUT|DELETE)$ ) {}
你也应该添加
选项,因为主干网可能会使用这些选项,而且你的位置也定义了它。
你能给我看一下你的配置文件以及服务器{}中的所有内容吗?嗯,好的,我会补充一个问题..天哪,就是这样吗?它现在真的起作用了。你是精灵还是smth?

if ($request_method !~ ^(GET|HEAD|POST|PUT|DELETE)$ ) {}