我使用了两个nodejs(没有Express)应用程序:
webprocess dataprocess
dataprocess使用以下代码发回一条休息消息:
var status = 200;
if (responseStatus) {
status = responseStatus;
}
var contentType = "application/json; charset=utf-8";
if (responsecontentType) {
contentType = responsecontentType;
}
this.response.statusCode = status;
//http://www.w3.org/TR/cors/
//The server allows any domain to call it with the XMLHttpRequest
this.response.setHeader("Access-Control-Allow-Origin", this.request.headers.origin);
//The server allow the content-type header
this.response.setHeader("Access-Control-Allow-Headers", "Content-Type");
this.response.setHeader("Access-Control-Allow-Methods", "GET,POST,PUT,DELETE,OPTIONS");
this.response.setHeader("Content-Type", contentType);
this.response.end(contentText);
在本地,一切正常,“Access-Control-Allow-Origin”工作正常。但是,当我在heroku上创建两个应用程序并进行部署时,我在飞行前的ajax调用(OPTIONS)上获得了浏览器跨域异常。不确定是什么问题?
感谢您的帮助
的Yoann
答案 0 :(得分:2)
如果您想允许任何域根据代码中的注释调用您的端点,则应使用通配符而不是this.request.headers.origin
//The server allows any domain to call it with the XMLHttpRequest
this.response.setHeader("Access-Control-Allow-Origin", "*");