\u6765\u5230\u7c73\u4e91\u7684\u5927\u5bb6\uff0c\u76f8\u4fe1\u90fd\u662f\u7f16\u7a0b\u5b66\u4e60\u7231\u597d\u8005\uff0c\u5e0c\u671b\u5728\u8fd9\u91cc\u5b66\u4e60\u6587\u7ae0\u76f8\u5173\u7f16\u7a0b\u77e5\u8bc6\u3002\u4e0b\u9762\u672c\u7bc7\u6587\u7ae0\u5c31\u6765\u5e26\u5927\u5bb6\u804a\u804a\u300aNodejs + \u81ea\u5b9a\u4e49 CORS\u300b\uff0c\u4ecb\u7ecd\u4e00\u4e0b\uff0c\u5e0c\u671b\u5bf9\u5927\u5bb6\u7684\u77e5\u8bc6\u79ef\u7d2f\u6709\u6240\u5e2e\u52a9\uff0c\u52a9\u529b\u5b9e\u6218\u5f00\u53d1\uff01<\/p>\n
![\"Nodejs](\"https:\/\/www.17golang.com\/uploads\/20241122\/1732235092673fcf54bb148.jpg\" "\\"Nodejs")
<\/p>\n
cors\uff08\u8de8\u6e90\u8d44\u6e90\u5171\u4eab\uff09<\/strong> \u662f\u4e00\u79cd\u5141\u8bb8\u4e00\u4e2a\u57df\u4e0a\u7684 web \u5e94\u7528\u7a0b\u5e8f\u8bbf\u95ee\u53e6\u4e00\u4e2a\u57df\u4e0a\u7684\u8d44\u6e90\u7684\u673a\u5236\u3002\u5f53\u5f00\u53d1\u524d\u7aef\u548c\u540e\u7aef\u5206\u79bb\u5e76\u901a\u8fc7 api \u8fdb\u884c\u901a\u4fe1\u7684\u5e94\u7528\u7a0b\u5e8f\u65f6\uff0c\u8fd9\u4e00\u70b9\u81f3\u5173\u91cd\u8981\u3002<\/p>\n \u8fd9\u91cc\u6709\u4e00\u7bc7\u6587\u7ae0\u89e3\u91ca\u4e86\u5728 node.js \u548c express \u4e2d\u4e0d\u4f7f\u7528\u5916\u90e8\u5e93\u7684 cors \u5b9e\u73b0\uff1a<\/p>\n export simplemethods<\/strong>\uff1a\u5b9a\u4e49 cors \u8bf7\u6c42\u5141\u8bb8\u7684 http \u65b9\u6cd5\uff08\u4f8b\u5982 get\u3001post\u3001put \u7b49\uff09\u3002<\/p>\n \u5bfc\u51fa\u6765\u6e90<\/strong>\uff1a\u6307\u5b9a\u5141\u8bb8\u8bbf\u95ee\u7684\u6765\u6e90\u5217\u8868\u3002\u5728\u6b64\u793a\u4f8b\u4e2d\uff0c\u5141\u8bb8\u4f7f\u7528 http:\/\/localhost:3000\u3002<\/p>\n \u5bfc\u51fa simplerequestheaders<\/strong>\uff1a\u5b9a\u4e49\u8de8\u57df\u8bf7\u6c42\u4e2d\u5ba2\u6237\u7aef\u5141\u8bb8\u7684\u8bf7\u6c42\u6807\u5934\u3002<\/p>\n \u5bfc\u51fa simpleresponseheaders<\/strong>\uff1a\u5b9a\u4e49\u4ece\u670d\u52a1\u5668\u5230\u5ba2\u6237\u7aef\u5141\u8bb8\u7684\u54cd\u5e94\u6807\u5934\u3002<\/p>\n \u51fd\u6570 checkoriginmatch<\/strong>\uff1a\u68c0\u67e5\u8bf7\u6c42\u6765\u6e90\u662f\u5426\u4e0e\u5141\u8bb8\u7684\u6765\u6e90\u5217\u8868\u5339\u914d\u3002\u5982\u679c\u5339\u914d\uff0c\u5219\u5141\u8bb8\u8bf7\u6c42\u3002<\/p>\n \u6765\u6e90\u548c\u65b9\u6cd5\u9009\u9879\u7684\u521d\u59cb\u5316<\/strong>\uff0c\u5982\u679c\u672a\u63d0\u4f9b\uff0c\u5219\u4f7f\u7528\u6765\u81ea origin \u548c simplemethods \u7684\u9ed8\u8ba4\u503c\u3002<\/p>\n \u8bbe\u7f6e\u8bf7\u6c42\u548c\u54cd\u5e94\u6807\u5934<\/strong><\/p>\n \u8bbe\u7f6e\u5141\u8bb8\u7684\u8bf7\u6c42\uff08requestheaders\uff09\u548c\u54cd\u5e94\uff08responseheaders\uff09\u6807\u5934\u3002\u5c06\u4efb\u4f55\u7ed9\u5b9a\u7684\u8bf7\u6c42\u6216\u54cd\u5e94\u6807\u5934\u8f6c\u6362\u4e3a\u5c0f\u5199\u3002<\/p>\n \u9644\u52a0\u4e2d\u95f4\u4ef6\u914d\u7f6e<\/strong><\/p>\n maxage<\/strong>\uff1a\u6307\u5b9a cors \u9884\u68c0\u7684\u6700\u5927\u7f13\u5b58\u671f\u9650\u3002 supportcredentials\uff1a\u786e\u5b9a\u670d\u52a1\u5668\u662f\u5426\u652f\u6301\u8de8\u57df\u8bf7\u6c42\u4e2d\u7684\u51ed\u636e\uff08cookie \u6216\u4ee4\u724c\uff09\u3002 endpreflightrequests\uff1a\u51b3\u5b9a\u670d\u52a1\u5668\u662f\u5426\u5e94\u7ec8\u6b62\u9884\u68c0\u8bf7\u6c42\uff08\u9009\u9879\uff09\u6216\u7ee7\u7eed\u6267\u884c\u4e0b\u4e00\u4e2a\u4e2d\u95f4\u4ef6\u3002<\/p>\n \u51fd\u6570 endpreflight<\/strong>\uff1a\u5982\u679c endpreflightrequests \u8bbe\u7f6e\u4e3a true\uff0c\u5219\u7ed3\u675f\u9884\u68c0\uff08options\uff09\u8bf7\u6c42\u3002\u6765\u6e90\u68c0\u67e5\uff1a\u4f7f\u7528 checkoriginmatch \u6765\u9a8c\u8bc1\u8bf7\u6c42\u6765\u6e90\u662f\u5426\u4e0e\u5141\u8bb8\u7684\u6765\u6e90\u5339\u914d\u3002<\/p>\n \u5904\u7406\u9884\u68c0\u8bf7\u6c42\uff08\u9009\u9879\uff09<\/strong><\/p>\n \u8bf7\u6c42\u65b9\u6cd5\u548c\u6807\u5934\u5339\u914d<\/strong>\uff1a\u68c0\u67e5\u8bf7\u6c42\u65b9\u6cd5\u548c\u6807\u5934\u662f\u5426\u4e0e\u5141\u8bb8\u7684\u5339\u914d\u3002 cors \u54cd\u5e94\u6807\u5934\uff1a\u8bbe\u7f6e cors \u6807\u5934\uff0c\u4f8b\u5982 access-control-allow-origin\u3001access-control-allow-credentials\u3001access-control-allow-methods \u7b49<\/p>\n \u5728\u54cd\u5e94\u4e2d\u516c\u5f00\u6807\u5934<\/strong> access-control-expose-headers<\/strong>\uff1a\u5982\u679c simpleresponseheaders \u4e2d\u672a\u5305\u542b\u81ea\u5b9a\u4e49\u6807\u5934\uff0c\u5219\u8bbe\u7f6e\u5ba2\u6237\u7aef\u53ef\u8bbf\u95ee\u7684\u54cd\u5e94\u6807\u5934\u3002<\/p>\n \u8fd9\u5c31\u662f\u5982\u4f55\u5728 node.js \u4e2d\u5b9e\u73b0\u81ea\u5b9a\u4e49 cors\uff0c\u800c\u65e0\u9700\u4f7f\u7528\u4efb\u4f55\u5e93\u3002\u5b8c\u6574\u7684\u811a\u672c\u53ef\u4ee5\u53c2\u8003\u8fd9\u4e2a\u4f8b\u5b50<\/p>\n \u672c\u7bc7\u5173\u4e8e\u300aNodejs + \u81ea\u5b9a\u4e49 CORS\u300b\u7684\u4ecb\u7ecd\u5c31\u5230\u6b64\u7ed3\u675f\u5566\uff0c\u4f46\u662f\u5b66\u65e0\u6b62\u5883\uff0c\u60f3\u8981\u4e86\u89e3\u5b66\u4e60\u66f4\u591a\u5173\u4e8e\u6587\u7ae0\u7684\u76f8\u5173\u77e5\u8bc6\uff0c\u8bf7\u5173\u6ce8\u7c73\u4e91\u516c\u4f17\u53f7\uff01<\/p>\n \u7248\u672c\u58f0\u660e \u672c\u6587\u8f6c\u8f7d\u4e8e\uff1adev.to \u5982\u6709\u4fb5\u72af\uff0c\u8bf7\u8054\u7cfb\u5220\u9664 <\/p>\n Nodejs + \u81ea\u5b9a\u4e49 CORS \u6536\u85cf \u6765\u5230\u7c73\u4e91\u7684\u5927\u5bb6\uff0c\u76f8\u4fe1\u90fd\u662f\u7f16\u7a0b\u5b66\u4e60\u7231\u597d\u8005\uff0c\u5e0c\u671b\u5728\u8fd9\u91cc\u5b66\u4e60\u6587\u7ae0\u76f8\u5173\u7f16\u7a0b\u77e5\u8bc6\u3002\u4e0b\u9762\u672c\u7bc7\u6587\u7ae0\u5c31\u6765\u5e26\u5927\u5bb6\u804a\u804a\u300aNodejs + \u81ea\u5b9a\u4e49 CORS\u300b\uff0c\u4ecb\u7ecd\u4e00\u4e0b\uff0c\u5e0c\u671b\u5bf9\u5927\u5bb6\u7684\u77e5\u8bc6\u79ef\u7d2f\u6709\u6240\u5e2e\u52a9\uff0c\u52a9\u529b\u5b9e\u6218\u5f00\u53d1\uff01 cors\uff08\u8de8\u6e90\u8d44\u6e90\u5171\u4eab\uff09 \u662f\u4e00\u79cd\u5141\u8bb8\u4e00\u4e2a\u57df\u4e0a\u7684 web \u5e94\u7528\u7a0b\u5e8f\u8bbf\u95ee\u53e6\u4e00\u4e2a\u57df\u4e0a\u7684\u8d44\u6e90\u7684\u673a\u5236\u3002\u5f53\u5f00\u53d1\u524d\u7aef\u548c\u540e\u7aef\u5206\u79bb\u5e76\u901a\u8fc7 api \u8fdb\u884c\u901a\u4fe1\u7684\u5e94\u7528\u7a0b\u5e8f\u65f6\uff0c\u8fd9\u4e00\u70b9\u81f3\u5173\u91cd\u8981\u3002 \u8fd9\u91cc\u6709\u4e00\u7bc7\u6587\u7ae0\u89e3\u91ca\u4e86\u5728 node.js \u548c express \u4e2d\u4e0d\u4f7f\u7528\u5916\u90e8\u5e93\u7684 cors \u5b9e\u73b0\uff1a “use strict”; \/*jshint node:true *\/ var simplemethods, simplerequestheaders, simpleresponseheaders, tolowercase, checkoriginmatch, origin; object.defineproperty(exports, “simplemethods”, { get: function () { return [ “get”, “head”, “post”, “put”, “delete” ]; } }); simplemethods = exports.simplemethods; object.defineproperty(exports, […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[16],"tags":[],"class_list":["post-52611","post","type-post","status-publish","format-standard","hentry","category-16"],"_links":{"self":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts\/52611","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/comments?post=52611"}],"version-history":[{"count":0,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/posts\/52611\/revisions"}],"wp:attachment":[{"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/media?parent=52611"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/categories?post=52611"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/fwq.ai\/blog\/wp-json\/wp\/v2\/tags?post=52611"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}\"use strict\";\n\n\/*jshint node:true *\/\n\nvar simplemethods, simplerequestheaders, simpleresponseheaders, tolowercase, checkoriginmatch, origin;\n\nobject.defineproperty(exports, \"simplemethods\", {\n get: function () {\n return [\n \"get\",\n \"head\",\n \"post\",\n \"put\",\n \"delete\"\n ];\n }\n});\nsimplemethods = exports.simplemethods;\n\nobject.defineproperty(exports, \"origin\", {\n get: function () {\n return [\"http:\/\/localhost:3000\"];\n }\n});\norigin = exports.origin;\n\n<\/pre>\nobject.defineproperty(exports, \"simplerequestheaders\", {\n get: function () {\n return [\"accept\", \"accept-language\", \"content-language\", \"content-type\", \"authorization\", \"token\"];\n }\n});\nsimplerequestheaders = exports.simplerequestheaders;\n\nobject.defineproperty(exports, \"simpleresponseheaders\", {\n get: function () {\n return [\"cache-control\", \"content-language\", \"content-type\", \"expires\", \"last-modified\", \"pragma\"];\n }\n});\nsimpleresponseheaders = exports.simpleresponseheaders;\n<\/pre>\ncheckoriginmatch = function (originheader, origins, callback) {\n if (typeof origins === \"function\") {\n origins(originheader, function (err, allow) {\n callback(err, allow);\n });\n } else if (origins.length > 0) {\n callback(null, origins.some(function (origin) {\n return origin === originheader;\n }));\n } else {\n callback(null, true);\n }\n};\n<\/pre>\nexports.create = function (options) {\n options = options || {};\n options.origins = options.origins || origin;\n options.methods = options.methods || simplemethods;\n<\/pre>\n if (options.hasownproperty(\"requestheaders\") === true) {\n options.requestheaders = tolowercase(options.requestheaders);\n } else {\n options.requestheaders = simplerequestheaders;\n }\n\n if (options.hasownproperty(\"responseheaders\") === true) {\n options.responseheaders = tolowercase(options.responseheaders);\n } else {\n options.responseheaders = simpleresponseheaders;\n }\n<\/pre>\n options.maxage = options.maxage || null;\n options.supportscredentials = options.supportscredentials || false;\n\n if (options.hasownproperty(\"endpreflightrequests\") === false) {\n options.endpreflightrequests = true;\n }\n<\/pre>\n return function (req, res, next) {\n if (!req.headers.hasownproperty(\"origin\")) {\n next();\n } else {\n checkoriginmatch(req.headers.origin, options.origins, function (err, originmatches) {\n if (err !== null) {\n next(err);\n } else {\n var endpreflight = function () {\n if (options.endpreflightrequests === true) {\n res.writehead(204);\n res.end();\n } else {\n next();\n }\n };\n<\/pre>\n if (req.method === \"options\") {\n if (!req.headers.hasownproperty(\"access-control-request-method\")) {\n endpreflight();\n } else {\n requestmethod = req.headers[\"access-control-request-method\"];\n if (req.headers.hasownproperty(\"access-control-request-headers\")) {\n requestheaders = tolowercase(req.headers[\"access-control-request-headers\"].split(\/,\\s*\/));\n } else {\n requestheaders = [];\n }\n\n methodmatches = options.methods.indexof(requestmethod) !== -1;\n if (!methodmatches) {\n endpreflight();\n } else {\n headersmatch = requestheaders.every(function (requestheader) {\n return options.requestheaders.includes(requestheader);\n });\n\n if (!headersmatch) {\n endpreflight();\n } else {\n if (options.supportscredentials) {\n res.setheader(\"access-control-allow-origin\", req.headers.origin);\n res.setheader(\"access-control-allow-credentials\", \"true\");\n } else {\n res.setheader(\"access-control-allow-origin\", \"*\");\n }\n\n if (options.maxage !== null) {\n res.setheader(\"access-control-max-age\", options.maxage);\n }\n\n res.setheader(\"access-control-allow-methods\", options.methods.join(\",\"));\n res.setheader(\"access-control-allow-headers\", options.requestheaders.join(\",\"));\n endpreflight();\n }\n }\n }\n }\n<\/pre>\n
} \u5176\u4ed6 {
if (options.supportscredentials) {
res.setheader(“access-control-allow-origin”, req.headers.origin);
res.setheader(“access-control-allow-credentials”, “true”);
} \u5176\u4ed6 {
res.setheader(“access-control-allow-origin”, “*”);
}<\/p>\n exposedheaders = options.responseheaders.filter(function (header) {\n return !simpleresponseheaders.includes(header);\n });\n\n if (exposedheaders.length > 0) {\n res.setheader(\"access-control-expose-headers\", exposedheaders.join(\",\"));\n }\n\n next();\n }\n }\n });\n }\n};\n<\/pre>\n } else {\n if (options.supportsCredentials) {\n res.setHeader(\"Access-Control-Allow-Origin\", req.headers.origin);\n res.setHeader(\"Access-Control-Allow-Credentials\", \"true\");\n } else {\n res.setHeader(\"Access-Control-Allow-Origin\", \"*\");\n }\n\n exposedHeaders = options.responseHeaders.filter(function (header) {\n return !simpleResponseHeaders.includes(header);\n });\n\n if (exposedHeaders.length > 0) {\n res.setHeader(\"Access-Control-Expose-Headers\", exposedHeaders.join(\",\"));\n }\n\n next();\n }\n }\n });\n }\n };\n<\/pre>\n\n