我一直在努力與CORS,只要我記得,但我正在嘗試一個非常簡單的事情:3 C9上的微服務 - 所有3個diff端口,所以不相同的起源。Angular2應用程序到Rails5的CORS問題後端
在Rails:
Program A-cors.rb
- 不工作
Rails.application.config.middleware.insert_before 0, Rack::Cors do
allow do
origins '*'
resource '*',
headers: :any,
methods: [:get, :post, :put, :patch, :delete, :options, :head]
end
end
Program B - cors.rb
不工作
Rails.application.config.middleware.insert_before 0, Rack::Cors do
allow do
origins '*'
resource '*',
headers: :any,
methods: [:get, :post, :put, :patch, :delete, :options, :head]
end
end
的Angular2服務也是兩個非常相似(僅名稱更改)所以我只會顯示
Program As - service
import { Injectable } from '@angular/core'
import { Http, Response, Headers, RequestOptions } from '@angular/http';
import { Observable } from 'rxjs/Rx';
import { Document } from './document';
@Injectable()
export class DocumentService{
private documentsUrl = "//freeland-camp-documents-dnorthrup.c9users.io/freelance_documents.json";
constructor(
private http: Http
) {}
getDocuments(): Observable<Document[]> {
let headers = new Headers({ 'Content-Type': 'application/json', 'Access-Control-Allow-Origin': '*' });
let options = new RequestOptions({ headers: headers });
return this.http.get(this.documentsUrl)
.map((response: Response) => <Document[]>response.json())
.catch(this.handleError);
}
private handleError (error: Response | any) {
// In a real world app, we might use a remote logging infrastructure
let errMsg: string;
if (error instanceof Response) {
const body = error.json() || '';
const err = body.error || JSON.stringify(body);
errMsg = `${error.status} - ${error.statusText || ''} ${err}`;
} else {
errMsg = error.message ? error.message : error.toString();
}
console.error(errMsg);
return Observable.throw(errMsg);
}
}
的let headers
是最近改變我試圖讓,閱讀另一篇文章之後。從我的理解有關CORS它不過多數民衆贊成禁止此,導軌,每次呼叫從角由我看到
Started GET "/freelance_documents.json" for 108.51.108.71 at 2017-03-04 23:46:38 +0000
Processing by FreelanceDocumentsController#index as JSON
FreelanceDocument Load (0.5ms) SELECT "freelance_documents".* FROM "freelance_documents" ORDER BY created_at DESC
Completed 200 OK in 8ms (Views: 6.5ms | ActiveRecord: 0.5ms)
在控制檯 - 彷彿Rails的認爲它成功的事(我想這是因爲Rails是在API模式和JSON總是呈現?
正是我缺少什麼?B計劃原本在那裏的真正來源網址,仍然工作,將其更改爲*
並沒有解決任何問題。
每Rails5第一條發現我也放在:
config.action_dispatch.default_headers = {
'Access-Control-Allow-Origin' => 'freeland-camp-documents-dnorthrup.c9users.io:8082',
'Access-Control-Request-Method' => %w{GET POST OPTIONS}.join(",")
}
在Application.rb中無效。歡迎任何見解 - 我沒有想法。我試過Chrome的插件來繞過頁眉(不起作用),導致Program A
正常工作,但是破壞了Program B
,說「origin evil.com不夠用」。 - 這是當我沒有*時。
歡迎任何輸入。