Angular 13:已被 CORS 策略阻止:否“Access-Control-Allow-Origin”标头存在于请求的资源上
有人可以帮助我吗?我的 CORS 政策有问题,而且我无法访问网站的后端。
这是我在后端(node.js)中使用的代码:
app.use(cors({
Access_Control_Allow_Origin: "*",
origin:"*",
methode:['GET','POST','PATCH','DELETE','PUT'],
allowedHeaders:'Content-Type, Authorization, Origin, X-Requested-With, Accept'
}));
这是前端(我使用Angular 13)导入API的代码: environment.ts
export const environment = {
production: false,
serverURL: 'http://localhost:3000/api/'
};
我也尝试过这段代码,但它不起作用:
app.use(function (req, res, next) {
// Website you wish to allow to connect
res.setHeader('Access-Control-Allow-Origin', 'http://localhost:4200');
// Request methods you wish to allow
res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE');
// Request headers you wish to allow
res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,content-type');
// Set to true if you need the website to include cookies in the requests sent
// to the API (e.g. in case you use sessions)
res.setHeader('Access-Control-Allow-Credentials', true);
// Pass to next layer of middleware
next();
});
Can someone help me please, I have a problem in CORS policy and I have no access to the backend of the site.
This is the code I use in the backend (node.js):
app.use(cors({
Access_Control_Allow_Origin: "*",
origin:"*",
methode:['GET','POST','PATCH','DELETE','PUT'],
allowedHeaders:'Content-Type, Authorization, Origin, X-Requested-With, Accept'
}));
this is the code of the front end (I used Angular 13) to import API:
environment.ts
export const environment = {
production: false,
serverURL: 'http://localhost:3000/api/'
};
I've tried also this code but it didn't work:
app.use(function (req, res, next) {
// Website you wish to allow to connect
res.setHeader('Access-Control-Allow-Origin', 'http://localhost:4200');
// Request methods you wish to allow
res.setHeader('Access-Control-Allow-Methods', 'GET, POST, OPTIONS, PUT, PATCH, DELETE');
// Request headers you wish to allow
res.setHeader('Access-Control-Allow-Headers', 'X-Requested-With,content-type');
// Set to true if you need the website to include cookies in the requests sent
// to the API (e.g. in case you use sessions)
res.setHeader('Access-Control-Allow-Credentials', true);
// Pass to next layer of middleware
next();
});
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
确保您有正确的导入:
并使用:
或将代码更改为:
在生产中小心使用 '*' 作为 Access-Control-Allow-Origin。仅将此更改回允许连接到您的 API 的客户端。
如果这没有帮助,请尝试设置代理请求以在 Angular 中启用 CORS:在应用程序的 src 文件夹中,创建一个名为
proxy.conf.json的新文件。这是一个 JSON 文件,其中包含代理服务器的配置。在这里,我们将告诉 Angular 应用程序充当另一个服务器,接受 API 调用并将它们转移到 http://localhost:3000。在 proxy.conf.json 文件中,添加以下代码:
接下来,通知 Angular 有关此代理配置的信息。我们可以通过在 angular.json 文件中添加 proxyConfig 选项来做到这一点:
Make sure you have the right imports:
and either use:
Or change your code to this:
Be careful with '*' as Access-Control-Allow-Origin in production. Change this back only to the clients that are allowed to connect to your API.
If that didn't help, then try to set proxy requests to enable CORS in Angular: Inside the src folder of your application, create a new file called
proxy.conf.json. This is a JSON file that will contain the configuration for the proxy server. Here, we'll tell our Angular application to act as another server that takes API calls and diverts them to http://localhost:3000.Inside the proxy.conf.json file, add the following code:
Next, inform Angular about this proxy configuration. We can do that by adding a proxyConfig option inside our angular.json file: