云API网关不允许使用CORS
我有连接到云功能的云网关API。 它使用非常适合我生成的API密钥,但是当我限制了仅启用特定域访问的密钥时 - example.com,我开始获取CORS客户端错误。 (它在没有域限制的情况下起作用)
所以我在控制台中的config> config文件中启用了CORS,该文件没有错误,但是在访问API时,我仍然会遇到CORS错误来自我域中的键的URL:
https://project-xxxx.uc.gateway.dev/search?key=AIxxxxxxxxx
config:
swagger: "2.0"
info:
title: projectapi
description: "data api"
version: "1.0.0"
schemes:
- "https"
host: "project-xxxxxxxx.apigateway.xxxxx-xxxxx.cloud.goog"
x-google-endpoints:
- name: "project-xxxxxxxx.apigateway.xxxxx-xxxxx.cloud.goog"
allowCors: True
paths:
"/search":
get:
description: "data"
operationId: "project"
x-google-backend:
address: https://us-central1-projectName.cloudfunctions.net/search
security:
- api_key: [key]
responses:
200:
description: "Success."
schema:
type: string
400:
description: "Invalid"
securityDefinitions:
api_key:
type: "apiKey"
name: "key"
in: "query"
我的云功能确实允许CORS ,并且 works 很棒如果直接称为 ,则在此处的链接地址密钥。
为什么此配置不允许网关CORS?
I have Cloud Gateway API that connects to Cloud Function.
It worked great with an API key that I generated, but then when I restricted the key to enable access for my specific domain only - example.com, I started to get CORS errors on the client. ( it worked without domain restriction)
So I enabled CORS in the config file in the Console, the file had no errors, but I still get a CORS error when accessing the API URL from my domain with the key:
https://project-xxxx.uc.gateway.dev/search?key=AIxxxxxxxxx
Config :
swagger: "2.0"
info:
title: projectapi
description: "data api"
version: "1.0.0"
schemes:
- "https"
host: "project-xxxxxxxx.apigateway.xxxxx-xxxxx.cloud.goog"
x-google-endpoints:
- name: "project-xxxxxxxx.apigateway.xxxxx-xxxxx.cloud.goog"
allowCors: True
paths:
"/search":
get:
description: "data"
operationId: "project"
x-google-backend:
address: https://us-central1-projectName.cloudfunctions.net/search
security:
- api_key: [key]
responses:
200:
description: "Success."
schema:
type: string
400:
description: "Invalid"
securityDefinitions:
api_key:
type: "apiKey"
name: "key"
in: "query"
My Cloud Function does allow CORS, and works great if called directly with the link here in the address key.
Why this config wont allow CORS for the Gateway ?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
解决!
您不仅必须为域名启用密钥,还必须从列表中启用特定 API名称,转到
apis&服务=>凭证=> API键=>您的键=> API限制=>从列表中选择您的API名称!此允许使用平衡器从特定域 - 访问函数 - 。
Solved !
You must enable the key not only for your domain name, but also for your specific API name from the list, go to
APIs & Services => Credentials => API keys => your key => API restrictions => choose your API name from the list !This allow access to a Function from a specific domain - without using a Balancer.