I am working on a MEAN-STACK application.Using Mean-cli packgae of node. in which i am using darksky weather API, in package name Information. I have 4 other packages in custom folder of mean app. how did i enable the CORS so that all API request did not fail and return the response.
我正在研究MEAN-STACK应用程序。使用Mean-cli packgae of node。其中我使用的是darksky weather API,在包名称信息中。我在平均应用程序的自定义文件夹中有4个其他包。我是如何启用CORS以便所有API请求都不会失败并返回响应的。
i googled and find out that i have to add this middleware.
我用谷歌搜索,发现我必须添加这个中间件。
//CORS middleware
var allowCrossDomain = function(req, res, next) {
res.header('Access-Control-Allow-Origin', 'example.com');
res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE');
res.header('Access-Control-Allow-Headers', 'Content-Type');
next();
}
where should i add this. in each package where we are using cross-origin request or in some global file.
我应该在哪里添加这个。在我们使用跨源请求的每个包中或在某个全局文件中。
I have tried to add this middleware in server -route file of ? Information package and in express.js file of confile but it didn't work.
我试过在服务器-route文件中添加这个中间件?信息包和confile的express.js文件,但它没有工作。
2 个解决方案
#1
2
So the actual solution to your issue turned out to be using jsonp callback with forecast.io api as they haven't enabled CORS headers for client access. Use $http.jsonp like this
因此,您的问题的实际解决方案是使用带有forecast.io api的jsonp回调,因为它们没有为客户端访问启用CORS头。像这样使用$ http.jsonp
$http.jsonp(url + lat + ',' + lng + '?callback=JSON_CALLBACK');
In general to enable CORS on your expressjs server do the following.
通常,要在expressjs服务器上启用CORS,请执行以下操作。
- Install cors module for express with
npm install cors - require it
var cors = require('cors'); - Set it on your express app instance with
app.use(cors());
使用npm install cors安装cors模块进行快速安装
要求它var cors = require('cors');
使用app.use(cors())在Express应用程序实例上设置它;
cors module will automatically add all aors related headers on the response. Alternately you could also configure a lot of options. Check the official docs
cors模块将自动在响应上添加所有与aors相关的标头。或者你也可以配置很多选项。查看官方文档
OR
If you want to do it yourself you could do the following
如果您想自己动手,可以执行以下操作
var permitCrossDomainRequests = function(req, res, next) {
res.header('Access-Control-Allow-Origin', '*');
res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE');
res.header('Access-Control-Allow-Headers', 'Content-Type');
// some browsers send a pre-flight OPTIONS request to check if CORS is enabled so you have to also respond to that
if ('OPTIONS' === req.method) {
res.send(200);
}
else {
next();
}
};
then Enable your CORS middleware
然后启用您的CORS中间件
app.use(permitCrossDomainRequests);
Enable routes at the end
最后启用路由
app.use(app.router);
#2
1
If you only have one Express server, you only need to add the middleware once. Your other modules are probably provided as middleware to the server.
如果您只有一台Express服务器,则只需添加一次中间件。您的其他模块可能作为中间件提供给服务器。
If you register a middleware function without any qualifying path, like app.use(function(){ ... }), the middleware will run for every request processed by the server. It does not matter what other middleware is invoked by any given request.
如果您注册中间件函数而没有任何限定路径,例如app.use(function(){...}),则中间件将针对服务器处理的每个请求运行。任何给定的请求调用其他中间件并不重要。
If you have multiple Express servers running simultaneously (this is fairly unlikely), then you will need to add the middleware to each server.
如果您同时运行多个Express服务器(这是不太可能),那么您将需要将中间件添加到每个服务器。
#1
2
So the actual solution to your issue turned out to be using jsonp callback with forecast.io api as they haven't enabled CORS headers for client access. Use $http.jsonp like this
因此,您的问题的实际解决方案是使用带有forecast.io api的jsonp回调,因为它们没有为客户端访问启用CORS头。像这样使用$ http.jsonp
$http.jsonp(url + lat + ',' + lng + '?callback=JSON_CALLBACK');
In general to enable CORS on your expressjs server do the following.
通常,要在expressjs服务器上启用CORS,请执行以下操作。
- Install cors module for express with
npm install cors - require it
var cors = require('cors'); - Set it on your express app instance with
app.use(cors());
使用npm install cors安装cors模块进行快速安装
要求它var cors = require('cors');
使用app.use(cors())在Express应用程序实例上设置它;
cors module will automatically add all aors related headers on the response. Alternately you could also configure a lot of options. Check the official docs
cors模块将自动在响应上添加所有与aors相关的标头。或者你也可以配置很多选项。查看官方文档
OR
If you want to do it yourself you could do the following
如果您想自己动手,可以执行以下操作
var permitCrossDomainRequests = function(req, res, next) {
res.header('Access-Control-Allow-Origin', '*');
res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE');
res.header('Access-Control-Allow-Headers', 'Content-Type');
// some browsers send a pre-flight OPTIONS request to check if CORS is enabled so you have to also respond to that
if ('OPTIONS' === req.method) {
res.send(200);
}
else {
next();
}
};
then Enable your CORS middleware
然后启用您的CORS中间件
app.use(permitCrossDomainRequests);
Enable routes at the end
最后启用路由
app.use(app.router);
#2
1
If you only have one Express server, you only need to add the middleware once. Your other modules are probably provided as middleware to the server.
如果您只有一台Express服务器,则只需添加一次中间件。您的其他模块可能作为中间件提供给服务器。
If you register a middleware function without any qualifying path, like app.use(function(){ ... }), the middleware will run for every request processed by the server. It does not matter what other middleware is invoked by any given request.
如果您注册中间件函数而没有任何限定路径,例如app.use(function(){...}),则中间件将针对服务器处理的每个请求运行。任何给定的请求调用其他中间件并不重要。
If you have multiple Express servers running simultaneously (this is fairly unlikely), then you will need to add the middleware to each server.
如果您同时运行多个Express服务器(这是不太可能),那么您将需要将中间件添加到每个服务器。