我使用Rails 4创建一组服务,我使用JavaScript浏览器应用程序。跨源GETS工作正常,但我的POST是失败的预检OPTIONS检查与404错误。至少,我认为这是发生了。以下是在控制台中显示的错误。这是Mac上的Chrome 31.0.1650.63。
I'm creating a set of services using Rails 4, which I am consuming with a JavaScript browser application. Cross-origin GETS are working fine, but my POSTs are failing the preflight OPTIONS check with a 404 error. At least, I think that's what's happening. Here are the errors as they appear in the console. This is Chrome 31.0.1650.63 on a Mac.
OPTIONS localhost:3000/confessor_requests 404 (Not Found) jquery-1.10.2.js:8706 OPTIONS localhost:3000/confessor_requests No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'localhost' is therefore not allowed access. jquery-1.10.2.js:8706 XMLHttpRequest cannot load localhost:3000/confessor_requests. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'localhost' is therefore not allowed access. main.html:1我已经搜索了高和低的启用CORS的说明, m stumped。通常的建议似乎是这样的应用程序控制器,我做了。
I've searched high and low for instructions on enabling CORS, and I'm stumped. The usual recommendation seems to be to put something like this in the Application controller, which I did.
before_filter :cors_preflight_check after_filter :cors_set_access_control_headers def cors_set_access_control_headers headers['Access-Control-Allow-Origin'] = '*' headers['Access-Control-Allow-Methods'] = 'POST, PUT, GET, OPTIONS' headers['Access-Control-Allow-Headers'] = '*' headers['Access-Control-Max-Age'] = "1728000" end def cors_preflight_check if request.method == :options headers['Access-Control-Allow-Origin'] = '*' headers['Access-Control-Allow-Methods'] = 'POST, PUT, GET, OPTIONS' headers['Access-Control-Allow-Headers'] = '*' headers['Access-Control-Max-Age'] = '1728000' render :text => '', :content_type => 'text/plain' end endmatch "/*all" => "application#cors_preflight_check", :constraints => { :method => "OPTIONS" }
'match'指令在Rails 4中不再工作, ,尝试使其直接匹配POSTS,如下:
The 'match' directive no longer works in Rails 4, so I fiddled with it, attempting to make it match POSTS directly, like this:
post "/*all" => "application#cors_preflight_check", :constraints => { :method => :options }但它仍然不工作。由于GET请求正在工作,我假设我缺少的是OPTIONS请求的正确路由。然而,我已经尝试了每一个我可以想到的路线,没有什么似乎让请求通过。
But it still doesn't work. Since the GET requests are working, I'm assuming that what I'm missing is the correct route for the OPTIONS request. However, I've tried every route I can think of, and nothing seems to let the request through.
我也尝试安装cyu/rack-cors ,这样做的结果相同。
I also tried installing cyu/rack-cors, and this gives the same result.
任何人都知道我在做什么错误?
Anyone know what I'm doing wrong?
推荐答案这里是 rack-cors gem 的解决方案,正如其他人提到的,你没有给出关于你使用哪个前端框架和实际请求的详细信息。
Here's a solution with the rack-cors gem, which you said you tried. As others have mentioned, you didn't give much detail in regards to which front-end framework you're using and what the actual request looks like. So the following may not apply to you, but I hope it helps someone.
在我的例子中,宝石工作正常,直到我使用PUT(或PATCH或DELETE)。
如果您在浏览器开发人员控制台中查看请求标头,则应该有这样的行:
If you look in your browser developer console, look at the request headers, and you should have a line like this:
Access-Control-Request-Method: PUT重要的是要注意的是,传递给 resource 的方法 Access-Control-Request-Method ,而不是在飞行前检查之后的请求方法。
The important thing to note is that the methods you pass to resource are for the Access-Control-Request-Method, not the Request Method that is to come after the pre-flight check.
注意我有:methods => [:get,:post,:options,:delete,:put,:patch] 。
Note how I have :methods => [:get, :post, :options, :delete, :put, :patch] that will include all the methods I care about.
因此你的整个配置部分应该看起来像这样, development.rb :
Thus your entire config section should look something like this, for development.rb:
# This handles cross-origin resource sharing. # See: github/cyu/rack-cors config.middleware.insert_before 0, "Rack::Cors" do allow do # In development, we don't care about the origin. origins '*' # Reminder: On the following line, the 'methods' refer to the 'Access- # Control-Request-Method', not the normal Request Method. resource '*', :headers => :any, :methods => [:get, :post, :options, :delete, :put, :patch], credentials: true end end更多推荐
Rails使用CORS预检选项请求上的404响应
发布评论