ããã«ã¡ã¯ã
çŽ æŽãããä»äºãããããšãã
ããã¯ã¯ãã¹ãµã€ããªã¯ãšã¹ãã察象ãšããããã€ãã®ãªãªãŒã¹ã§ããããããã§ãæ©èœãããããšãã§ããŸããã 以åã®æçš¿ãæãäžããŠã次ã®ããã«è¿œå ããŠã¿ãŸããã
èšå®ã«ã ãããŠããããã®ã©ããæ©èœããŸããã§ããã ïŒãã®æ©èœãå®éã«å©çšã§ããå Žåã¯ãreadmeãæŽæ°ãããšåœ¹ç«ã¡ãŸããïŒ
ã§ããã ãæ©ãã¢ããã€ã¹ããŠãã ããã ããããšãã
ããã«ãæ§æã§withCredentialsãtrueã«èšå®ããŠããŸãã
ç§ããã®åé¡ã«ééããŸããããMacã§ããçºçããªãããã§ãã ç§ã¯ãããã¯ãŒã¯ã®ãããã°ã«3æ¥éãšå€ãè²»ãããæ°ãŸããã«ããã©XHRãªã¯ãšã¹ãã䜿çšããŠãããè©Šãããšã«ããŸãããåé¡ã¯ç§ã®ãããã¯ãŒã¯ã§ã¯ãªããaxiosã§ããããšã«æ°ä»ããŸããã
ç§ããã¯ã¬ãã³ã·ã£ã«ãtrueã«èšå®ããŠã¯ãã¹ãµã€ããªã¯ãšã¹ããè¡ã£ãŠããŸãã ãããã¯ãŒã¯ãªã¯ãšã¹ããèŠããšãERR_EMPTY_RESPONSEã衚瀺ããããã©ãŠã¶ãé¢ããåã«ãªã¯ãšã¹ãã倱æããããã«èŠããŸãã
ããã¯ç§ã®èšå®ã§ãïŒ
const myApi = axios.create({
baseURL: 'http://someUrl/someEndpoint',
timeout: 10000,
withCredentials: true,
transformRequest: [(data) => JSON.stringify(data.data)],
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json',
}
});'
æ©äŒãããã°ããããããã«èª¿ã¹ãŠã¿ãŸãã
ãããç§ã¯é ãããããããã§ã¯ãªãã :)å¯èœã§ããã°ããã調ã¹ãŠãã ããã
ç§ã®åé¡ã¯Axiosãšã¯ç¡é¢ä¿ã§ããããšãããããŸããã Cisco Anyconnectã¯ãç§ã®ãã·ã³ããã®ãªãã·ã§ã³èŠæ±ããããã¯ããŠããŸãã...çç±ã¯ïŒ
ã¯ãã¹ãã¡ã€ã³ãªã¯ãšã¹ãã«ã¯ãè¿œå ã®èšå®ã¯å¿
èŠãããŸããã å€ãIEã§ã¯XDomainRequest
ã䜿çšããããã«ãã©ãŒã«ããã¯ããŸãã https://github.com/mzabriskie/axios/blob/master/lib/adapters/xhr.js#L22
詳现ãæããŠãã ããã ã©ã®ãã©ãŠã¶ãOSãaxiosã®ããŒãžã§ã³ããšã©ãŒã¡ãã»ãŒãžã
Jennyã«ã€ããŠè©±ãããšã¯ã§ããŸããããç¹ã«ãã®ã©ã€ãã©ãªãåå ã§ãCisco Anyconnectã®ããã©ã«ãã®ã»ãã¥ãªãã£ã«ãã£ãŠèŠæ±ããããã¯ãããŸããã€ãŸããä»ã®ã»ãã¥ãªãã£èšå®ã§ããããè¡ãããå¯èœæ§ããããŸãã ç§ã¯ããã远跡ããããšããŠããŸãããä»ã®ãšããéããããŸããã
ããã¯ãciscoAnyconnectããã³å Žåã«ãã£ãŠã¯ä»ã®VPNã¯ã©ã€ã¢ã³ããã€ã³ã¹ããŒã«ãããŠããMacã§ã¯ãã¹ãµã€ããªã¯ãšã¹ããè¡ãããšã§åçŸã§ããŸãã
ç§ã®ç°å¢ã¯æ¬¡ã®ãšããã§ãã
åããªã¯ãšã¹ããcurlã§æ©èœããããšã«æ³šæããŠãã ããã
ããã調ã¹ãŠãããŠããããšãïŒ
CORSã䜿çšãããšããµãŒããŒã«å¯ŸããŠããªãã©ã€ããªã¯ãšã¹ããè¡ããããªã¯ãšã¹ããèš±å¯ãããŠãããã©ããã確èªãããŸãã ããããŒAcces-Control-Allow-Origin: *
ãèšå®ããŠããªã¯ãšã¹ãã¡ãœãããšããŠOPTIONS
ãå«ããªã¯ãšã¹ãã«ãµãŒããŒãå¿çããããã«ããå¿
èŠããããŸããããã«ãããä»»æã®çºä¿¡å
ããã®ãªã¯ãšã¹ããèš±å¯ãããŸãã ãŸãã¯ãç¹å®ã®ãªãªãžã³Acces-Control-Allow-Origin: http://example.com
ã®ã¿ãèš±å¯ããããšãã§ããŸãã
ã¯ããããããŸããã ãããããµãŒããŒã¯ç§ã®ãã®ã§ã¯ãããŸããã BaasïŒãµãŒãã¹ãšããŠã®ããã¯ãšã³ãïŒã䜿çšããŠããŸãã ãããŠã圌ãã¯ãã§ã«ç§ã®ãã¡ã€ã³ãèš±å¯ãªã¹ãã«è¿œå ããŠããŸãã ç§ã¯ãäžèšã®ããŒã¹ã䜿çšããŠããä»ã®äººã ããã®ãããªåé¡ãæ±ããŠããªãããšã確èªããŸããã
ç§ã¯ããªããæäŸãããšã©ãŒã¡ãã»ãŒãžãæ¶ãå»ã£ãŠããŸãããããã«åºã¥ããŠãããªãã®baasãããªãã®ããã«åããŠããããã«ã¯èãããŸããã ã¯ãã¹ãªãªãžã³ã»ãã¥ãªãã£ã¯ãã©ãŠã¶å ã®å¶éã«ãããªããããcurlã䜿çšããŠã倱æããŸããã
ãã©ãŠã¶ã§[ãããã¯ãŒã¯]ã¿ããéããOPTIONSãªã¯ãšã¹ããžã®å¿çãšããŠååŸãããã®ãå ±æã§ããŸããïŒ å¿çããŒã¿ãšããããŒã確èªããããšã§ããã®åé¡ã®ãããã°ã«åœ¹ç«ã€ããšãé¡ã£ãŠããŸãã
ããããšã
ããããŒã¯æ¬¡ã®ãšããã§ãã
axiosã䜿çšããŠAPIãããŠãŒã¶ãŒãããã¡ã€ã«ãååŸãããšãã®GitHubããã®å¿çããããŒã¯æ¬¡ã®ãšããã§ãã
GitHubãAccess-Control-Allow-Origin: *
è¿œå ããŠããããšãããããŸãã Baasããã®å¿çã«ã¯ã Access-Control
ã¿ã€ãã®ããããŒããããŸããã
ããŒããèŠããŸãã è¿ä¿¡ãé ããªã£ãŠãã¿ãŸããã ããã«ã€ããŠããå°ã詳ããèŠãŠã¿ãŸãããã ã©ããããããšãããããŸããã
ç§ãèŠãŠãããã®ãé¢é£ããŠãããã©ããã¯ããããŸããã åºæ¬çã«ãèªèšŒãªã¯ãšã¹ãããªã¢ãŒããµãŒããŒã«éä¿¡ããŠCookieãåãæ»ãããšã¯ã§ããŸããããã®åŸã®ãµãŒããŒãžã®åŒã³åºãã§ã¯Cookieãäžç·ã«éä¿¡ãããªãããããšã©ãŒãçºçããŸãã
ãã°ã€ã³ãžã®POST
åŒã³åºãã®ããããŒã¯æ¬¡ã®ãšããã§ãã
ãããŠä»ããã©ããŒã¢ããGET
åŒã³åºãïŒ
origin
äžã«ãªã¹ããããŠããIPã¢ãã¬ã¹ã¯ç§èªèº«ã®ãã®ãªã®ã§ãåé¡ã«ã¯ãªããªãã¯ãã§ãã ãããééã£ãå Žæã§ããå Žåã¯ãæ°ããåé¡ãäœæããããé©åãªæ¢åã®åé¡ã«æ·»ä»ããŠãã ããã
æ°ãããããšããŠ; ã¹ãã¬ãŒãXHRã䜿çšããŠãã©ããŒã¢ããGET
åŒã³åºãããã¹ãããŸããããCookieã¯åé¡ãªãéä¿¡ãããŸãã ãã ããAxiosãä»ããŠåãåŒã³åºããè¡ããšãäžèšãšåãåé¡ãçºçããŸãã
ããŒãã ç¡èŠããŠãã ãã-ç§ã¯Axiosãä»ããŠæåŸ ã©ããã«ç©ãéã£ãŠããŸããã§ãã:)
ç§ãåãåé¡ã«çŽé¢ããŠããŸãã
ãªãã·ã§ã³ã³ãŒã«ã¯ééããŸãããPOSTã³ãŒã«ã¯corsã«ã¹ã¿ãã¯ããŸãã
http://stackoverflow.com/questions/36907693/axios-cors-issue-with-github-oauth-not-getting-access-token
ãã®ãããªå·šå€§ãªåé¡ã¯ã©ã®ããã«å¯ŸåŠãããŠããªãã®ã§ããïŒ
+1
+1
+1
+1
+1
+1
+1
@dsacramoneããªããèŠãŠããåé¡ã¯äœã§ããïŒ å ±åãããŠããåé¡ã®ã»ãšãã©ã¯ããµãŒããŒã®åé¡ãŸãã¯èª€èŠå ±ã®ããã§ãã ç§ãèŠãããšãã§ããåçŸå¯èœãªãšã©ãŒãããå Žåãç§ã¯ä¿®æ£ã«åãçµãã§ããããã§ãã
ãããååŸ
XMLHttpRequestã¯https://en.wikipedia.org/w/api.php?action=opensearch&format=json&search=fishãèªã¿èŸŒããŸããOrigin'httpïŒ// localhost ïŒ3000 'ãžã®ã¢ã¯ã»ã¹ã¯èš±å¯ãããŠããŸããã
ãŸãããã§ããã䜿çšããŠã¡ã¢ãååŸããŸãã ç§ã¯ãã®ã¯ããŒã ãæè¿åœŒãã®ãªã¯ãšã¹ãèšå®ããªã·ãŒãããå³æ Œã«ãããšæããŸããç§ã¯ãããäœããã®ããããŒãå¿ èŠãšããã ãããšæããŸãïŒäœãããã®ãããããŸããïŒã
ããã«ããã€ãã®äŸããããŸãïŒäž¡æ¹ãšãhttpsçµç±ã§æäŸãããŸãïŒ
äŸ1-æ£åžžã«åäœãã
axios.get('https://randomuser.me/api/')
.then(function (response) {
console.log(response.data);
})
.catch(function (error) {
console.log(error);
});
äŸ2-æ©èœããŠããŸãã-ãšã©ãŒã衚瀺ãããŠããŸããïŒ
axios.get('https://en.wikipedia.org/w/api.php?action=opensearch&format=json&search=fish')
.then(function (response) {
console.log(response.data);
})
.catch(function (error) {
console.log(error);
});
ããããšã©ãŒå¿çã§ã
[object Error] {
config: [object Object] {
data: undefined,
headers: [object Object] { ... },
maxContentLength: -1,
method: "get",
timeout: 0,
transformRequest: [object Object] { ... },
transformResponse: [object Object] { ... },
url: "https://en.wikipedia.org/w/api.php?action=opensearch&format=json&search=fish",
validateStatus: function validateStatus(status) {
return status >= 200 && status < 300;
},
xsrfCookieName: "XSRF-TOKEN",
xsrfHeaderName: "X-XSRF-TOKEN"
},
response: undefined
}
é¢é£ããå¯èœæ§ã®ãããã®ãtransformResponseã«ãããŸããïŒ PROTECTION_PREFIXããããäœãæå³ããã®ãçåã«æã£ãŠããŸããïŒ
[object Object] {
0: function transformResponse(data) {
/*eslint no-param-reassign:0*/
if (typeof data === 'string') {
data = data.replace(PROTECTION_PREFIX, '');
try {
data = JSON.parse(data);
} catch (e) { /* Ignore */ }
}
return data;
}
}
è©ŠããŠã
ã¢ãŒãïŒ 'no-cors'
ãã§ããã§ããã®ãšã©ãŒãçºçããŸã
çãã¯éåžžã«åçŽã§ãããçš®ã®ããããŒãå¿ èŠãªã ãã§ãäœãå¿ èŠãããããªããšæããŸãã
ãŠã£ãããã£ã¢ã®APIã¯ã¡ãã£ãšå€ãã£ãäŸãããããŸããããä»ã®äººã«ãåããšã©ãŒããããŸããïŒ
ãã®ã³ãŒããåé€ãããšãæ©èœããŸãïŒaxios.defaults.withCredentials = true
ãŠã£ãããã£ã¢ã®APIãjsonpã§æ£åžžã«åäœãããããšãã§ããŸãã
var jsonp = require('jsonp');
// search for 'frog'
jsonp('https://en.wikipedia.org/w/api.php?action=opensearch&search=frog&format=json', null, function (err, data) {
if (err) {
console.error(err.message);
} else {
console.log(data);
}
});
è¿œå ã®æ§æã¯å¿ èŠãããŸããã
axiosã§åããšã©ãŒãçºçããŸãã ãããç§ã®Reactã³ã³ããŒãã³ãã§ãïŒ
import React, { Component } from 'react'
import axios from 'axios'
export default class User extends Component {
constructor(props){
super(props)
// axios.defaults.withCredentials = true
const config = {
method: 'get',
url: 'https://api.airbnb.com/v2/users/2917444?client_id=3092nxybyb0otqw18e8nh5nty&_format=v1_legacy_show',
headers: {'X-Requested-With': 'XMLHttpRequest'},
responseType: 'json',
withCredentials: true,
}
axios.request(config)
.then(response => { console.log('response: ', response) });
}
render() {
return (
<div>User</div>
)
}
}
_泚ïŒããŒããªã¯ãšã¹ãã§APIãå®å šã«ãããã§ããŸãã_
@Sinistralisãšåããšã©ãŒãçºçããŠnet::ERR_EMPTY_RESPONSE
ãåãåããŸãïŒç§ã®ãµãŒããŒã¯ãOPTIONSãå«ããã¹ãŠã®CORSããããŒãæ£åžžã«åŠçããŸãïŒã iOS10ãµãã¡ãªã§ã¯ããŸã£ããåãã³ãŒããåé¡ãªãæ©èœãããããããã¯å¥åŠãªããšã§ãã ãããã©ã®ããã«è§£æ±ºããããã確èªããããã«ãç§èªèº«ã§ããå°ã調æ»ãè©Šã¿ãŸãã
ææ°ããŒãžã§ã³ã®chromeãæèŒããå€ãMacïŒ10.11ïŒã§ã¯ããŸã£ããåãã³ãŒãã§ãã®ãšã©ãŒãåçŸããããšã¯ã§ããŸããã ããã¯ç¢ºãã«éåžžã«å¥åŠã§ãã http://lights.suyashkumar.comã«ã¢ã¯ã»ã¹ããã³ã³ãœãŒã«ãæ€æ»ããããšã§åçŸã§ããå ŽåããããŸãïŒã³ãŒãã¯ããã«ãã
ç§ã®ãšã©ãŒã解決ããŸããã ç§ã«ãšã£ãŠã¯ãã¢ããªã±ãŒã·ã§ã³ã®éå§æã«nullå€ãæã€config.headers
ããããŒãå²ãåœãŠãéã®åé¡ã§ããïŒããŒã«ã«ã¹ãã¬ãŒãžããå€ãåŒãåºããæåã¯äœããããŸããïŒã å€ãnullã®ãšãã«å€ã空ã®æååã«å²ãåœãŠããšãåé¡ã解決ããŸãã ããã¯axioså
ã§åŠçã§ããããŸãã¯åŠçããå¿
èŠããããã®ãã©ããçåã«æããŸãïŒxhrã_æã
_å£ããå Žåã«nullããããŒãxhrã«æž¡ãããšã«äŸ¡å€ããããã©ããã¯ããããŸããïŒã
åæ§ã®åé¡ãæ±ããŠããä»ã®äººãã¡ã®ããã«ãç§ã¯ããã€ãã®VPNã¯ã©ã€ã¢ã³ããOPTIONSãªã¯ãšã¹ãããããã¯ããããšãã§ããããšãçºèŠããŸããïŒãããåç §ïŒ
誀解ãæãCORSãšã©ãŒã¯ãŸã axiosã«ãããŸãã fetch
ããªãã£ã«ã¯ããã®åé¡ãä¿®æ£ããããã«mode: 'no-cors'
ããµããŒãããŸãã
ç§ãã¡ãéçšããŠããä»ã®ç°å¢ã®ãã·ã³ããç°ãªãããŒãã®åããã·ã³ã«å¯ŸããŠãªã¯ãšã¹ããè¡ãã«ã¯ããã®çš®ã®ãªã¯ãšã¹ããè¡ãå¿ èŠããããŸãã
@drekiããªããèšåããåé¡ã®èª¬æãæäŸããŠãã ããã
ãµãŒããŒããªãªãžã³ããã®ãªã¯ãšã¹ããåã«åãå ¥ããªãå Žåãã¯ã©ã€ã¢ã³ãåŽã§äœããè¡ãããšã¯ã§ããŸããã å¯èœã§ããã°ãããã§ã»ãã¥ãªãã£ãªãŒã¯ãçºçããå¯èœæ§ããããŸãïŒãç§ãã¡ããšã¯ã€ã³ã¿ãŒãããå šäœãæå³ããŸãïŒ...
ã¢ã¯ã·ãªã¹ã¯ããã§å®å šã«äžèŽããŠè¡åããåå¿ãããšæããŸãã
éèŠãªResponseããããŒã¯Access-Control-Allow-Origin
ããã¯åºæ¬çã«ããã®ãµãŒããŒåŽãµãŒãã¹ãåŒã³åºãããšãã§ããæå¹ãªãªãªãžã³ãèšå®ããŸãã ã¯ã©ã€ã¢ã³ãããããã®èšå®ãããçºä¿¡å
ã®ããããããåŒã³åºããŠããªãå ŽåãèŠæ±ã¯æ¬¡ã®ãããªã³ã³ãœãŒã«ãšã©ãŒã§æåŠãããŸãã
XMLHttpRequestã¯httpïŒ// localhost ïŒ8080 / v1 / api / searchïŒq = candlesãããŒãã§ããŸããã èŠæ±ããããªãœãŒã¹ã«ãAccess-Control-Allow-OriginãããããŒããããŸããã ãããã£ãŠãOrigin'http ïŒ// localhost ïŒ9999 'ãžã®ã¢ã¯ã»ã¹ã¯èš±å¯ãããŠããŸããã
ããªãã¯ã²ã¹ããªã¹ãã«èŒã£ãŠããŸããã
ç§ã®åé¡ãä¿®æ£ããŸããã
localhost:8080
vueã¢ããªããlocalhost:3000
ãšã¯ã¹ãã¬ã¹APIã«ã¢ã¯ã»ã¹ããããšããŸãããããšã©ãŒãè¿ãããŠããŸããã
ãããæ©èœãããã«ã¯ã http://
ãè¿œå ããå¿
èŠãããããšãããããŸããã
ã ããã䜿ãhttp://localhost:3000
ã®ä»£ããã«localhost:3000
ã®devã®ãã¹ããè¡ããšãã
ç§ã¯wikmediaapiã§åãåé¡ãæ±ããŠããŸããã 圌ãã®CORSããŒãžïŒhttps://www.mediawiki.org/wiki/Manual:$wgCrossSiteAJAXdomainsïŒã調ã¹ãŠããªã¯ãšã¹ãã«origin = *ãè¿œå ãããšãããåé¡ãä¿®æ£ãããŸããã
axios.get('https://en.wikipedia.org/w/api.php?action=opensearch&format=json&origin=*&search=Albert')
.then(function(res) {
console.log(res);
})
.catch(function(err) {
console.log('Error: =>' + err);
})
æãããcorsãšã©ãŒã¡ãã»ãŒãžã衚瀺ãããŸãããããªã¯ãšã¹ãããµãŒããŒã«ãããããŠããŸããã
XMLHttpRequest cannot load "...url here...". No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access.
ã¢ã¯ã·ãªã¹ããŒã ãä¿®æ£ããŠããã ããŸãããïŒ
@mellogarrettããã¯ãã ããïŒ //developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
éèŠãªåŒçšïŒ
ãã»ãã¥ãªãã£äžã®çç±ããããã©ãŠã¶ã¯ã¹ã¯ãªããå ããéå§ãããã¯ãã¹ãªãªãžã³HTTPãªã¯ãšã¹ããå¶éããŸããããšãã°ãXMLHttpRequestãšFetchã¯åäžçæå ããªã·ãŒã«åŸããŸãããããã£ãŠãXMLHttpRequestãŸãã¯Fetchã䜿çšããWebã¢ããªã±ãŒã·ã§ã³ã¯ãç¬èªã®ãã¡ã€ã³ã«å¯ŸããŠã®ã¿HTTPãªã¯ãšã¹ããäœæã§ããŸãã Webã¢ããªã±ãŒã·ã§ã³ãæ¹åããéçºè ã¯ãã©ãŠã¶ãã³ããŒã«ã¯ãã¹ãã¡ã€ã³ãªã¯ãšã¹ããèš±å¯ããããã«äŸé ŒããŸãããã
ãã®åé¡ãæ±ããŠãã人ã®å€ãã¯ããããããµãŒããŒãOPTIONSãªã¯ãšã¹ãã«å¿çããŠããŸããã OPTIONSãªã¯ãšã¹ããšPOSTãªã¯ãšã¹ãã®äž¡æ¹ã«ãã³ãã©ãŒïŒCORSããããŒä»ãïŒãããããšã確èªããŠãã ããã ã¯ã©ã€ã¢ã³ãïŒaxiosïŒã¯æåã«OPTIONSã«pingãå®è¡ãã次ã«POSTãå®è¡ããŸãã
Firefoxã§ãåããšã©ãŒãçºçããŸãããChromiumã§ã¯çºçããŸããã 次ã«ãNoScriptãïŒFirefoxã«ïŒãªã¢ãŒããµãŒããŒãžã®èŠæ±ã劚ããŠããããšãæãåºããŸããã NoScriptïŒãŸãã¯åæ§ã®ãã©ã°ã€ã³ïŒãã€ã³ã¹ããŒã«ãããŠããå Žåã¯ãæåã«ããã確èªããŠãã ããã
ç§ã®å Žåãåé¡ã¯Axiosã«é¢é£ããŠããŸããã§ããã çŽ æŽãããä»äºãããããšãã
ãã®åé¡ã®ä¿®æ£ãã°ãŒã°ã«ã§èª¿ã¹ãŠããä»ã®äººã«ãšã£ãŠã¯ãç§ã¯ãã¹ãŠåãçç¶ã瀺ããŸããããåé¡ããµãŒããŒäžã®php.inièšå®ã«ãã¬ãŒã¹ããŸããã
ããªãã©ã€ãOPTIONSãªã¯ãšã¹ãã¯æåãããã®åŸã«é©åãªPOSTãªã¯ãšã¹ããç¶ããŸãããã @ mellogarrettãšåæ§ã®No 'Access-Control-Allow-Origin' header is present on the requested resource...
ãååŸããŠããŸããã ããã¯ãŸã£ããå¥åŠã«æããã®ã§ã Chromeãã©ã°ã€ã³ã䜿çšããŠCORSä¿è·ãäžæçã«ç¡å¹ã«ããŸããã ãã®åŸãåé¡ã¯å®éã«ã¯PHPãšã©ãŒã§ããããšãããããŸããã
Deprecated: Automatically populating $HTTP_RAW_POST_DATA is deprecated and will be removed in a future version. To avoid this warning set 'always_populate_raw_post_data' to '-1' in php.ini and use the php://input stream instead. in Unknown on line 0
ãã®æçš¿ã«ã¯åé¡ã«é¢ãã詳现æ
å ±ããããŸãããèŠããã«ãPHP 5.6ã䜿çšããŠããå Žåã¯ãphp.iniã®always_populate_raw_post_data
ã³ã¡ã³ããå€ãã -1
èšå®ããå¿
èŠããããŸãã ããã«ãããä»ã®èª°ãããã©ãã«ã·ã¥ãŒãã£ã³ã°ã®æ°æéãç¯çŽã§ããããšãé¡ã£ãŠããŸãð€
ãã@daltonamitchellç§ã¯åãåé¡ã
@ RT-TLãã©ã°ã€ã³ã¯ãCORSããããã¯ããã«å¿çã³ã³ãã³ãã衚瀺ããããã«ã®ã¿äœ¿çšãããŸãã ç§ã®å Žåããã¹ãç®çã§Hello World
ãããªæååãè¿ãã ãã ã£ãã®ã§ãCORSãç¡å¹ã«ãããšã次ã®ãããªãã®ã衚瀺ãããŸããã
Deprecated: Automatically populating $HTTP_RAW_POST_DATA is deprecated and will be removed in a future version. To avoid this warning set 'always_populate_raw_post_data' to '-1' in php.ini and use the php://input stream instead. in Unknown on line 0
Hello World
ã³ã³ãããŒã©ã¡ãœããã®å
é ã«error_reporting(E_ERROR | E_WARNING | E_PARSE | E_NOTICE)
ãŸãã¯error_reporting(E_ALL)
ãè¿œå ããŠã PHPèŠåãæå¹ã«ãªã£ãŠããããšã確èªããŠãã ããã ããã§ãäœã衚瀺ãããªãå Žåã¯ãåçŽãªJSONå¿çãè¿ããŠãæåŸ
ã©ããã«è¡šç€ºãããããšã確èªããŠã¿ãŸãã
誰ãããŸã ãã®åé¡ãçµéšããŠããŸããïŒ ç§ã¯åãããšã«ééããŠããŸãïŒ
const instance = axios.create({
baseURL: 'http://localhost/',
responseType: 'json',
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json',
'Authorization': 'test',
'X-Test': 'testing'
}
})
axios.get('v2/portal/bar/foo?')
å¿çããããŒ
HTTP/1.1 401 Unauthorized
Server: nginx/1.11.10
Date: Fri, 24 Mar 2017 07:12:13 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 0
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: POST, PUT, DELETE, GET, OPTIONS
Access-Control-Allow-Headers: *
ãªã¯ãšã¹ãããããŒ
OPTIONS /v2/portal/bar/foo? HTTP/1.1
Host: localhost
Connection: keep-alive
Access-Control-Request-Method: GET
Origin: http://localhost:3000
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.98 Safari/537.36
Access-Control-Request-Headers: authorization,content-type,x-test
Accept: */*
Referer: http://localhost:3000/dashboard/report
Accept-Encoding: gzip, deflate, sdch, br
Accept-Language: en-US,en;q=0.8,fr;q=0.6,nl;q=0.4,zh-TW;q=0.2,zh;q=0.2,zh-CN;q=0.2
ããããŒãæ£ããéä¿¡ãããªãçç±ãããããŸããã
ããã§ãåãåé¡ããããOPTIONSãªã¯ãšã¹ãã¯è¡ãããŸãããPOSTãªã¯ãšã¹ãã¯è¡ãããŸããã
TLDRïŒãã§ããã¯æ©èœããŸããã JSON.stingify
ã䜿çšããªãéããaxiosã¯æ©èœããŸãã
ãã®ãããOPTIONSãã¯ãã¹ãªãªãžã³ãªã¯ãšã¹ãçšã«ããããŒãèšå®ããŠ200ãè¿ããšãããã®ãšã©ãŒã®ããªãšãŒã·ã§ã³ã確èªããŸããããPOSTã¯è¡ãããŸããã ãã®æ¡åŒµæ©èœã䜿çšãããšãæåŸ ã©ããã«
ãµãŒããŒãAccess-Control-Allow-Origin: *
å¿çããŠããŸã
ã³ãŒããšã¹ã¯ãªãŒã³ã·ã§ãããå«ããã¹ãŠã®äŸã次ã«ç€ºããŸãã
ã¢ã¯ã·ãªã¹ïŒ
axios.post('http://localhost:3001/card', { test: 'test' })
ãã§ããïŒ
return fetch('http://localhost:3001/card', {
method: 'POST',
body: { test: 'test' },
})
JSON.stringify
return fetch('http://localhost:3001/card', {
method: 'POST',
body: JSON.stringify({ test: 'test' }),
})
ããŒã¿ã次ã®ããã«JSON.stringify
ingããããšã§ãaxiosãæ©èœãããããšãã§ããŸããã
return axios.post('http://localhost:3001/card', JSON.stringify({ test: 'test' }));
@kwhitakerã説æããã®ãšåãåé¡ã«çŽé¢ããŠããŸãã@ zlyiãææ¡ããããã«ã axios.defaults.withCredentials = true;
ãšããè¡ãè¿œå ãããšããã¹ãŠãæåŸ
ã©ããã«æ©èœãå§ããŸããã
ãã¹ãŠãè©ŠããŸãããããŸã åé¡ããããŸãã :(
ãã¹ãŠãè©ŠããŸãããããŸã åé¡ããããŸãã :(
.htaccsessã«ä»¥äžãè¿œå ããããšã§åé¡ã管çããŸããïŒ
<IfModule mod_headers.c>
Header add Access-Control-Allow-Headers "origin, x-requested-with, content-type"
Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"
</IfModule>
ãããã·ã䜿çšããŠããã«å¯ŸåŠããããšãã§ããŸããã package.json
ãããã·ãè¿œå ããŸã
{
"proxy": "http://some-url/some-endpoint"
}
次ã«ããªã¯ãšã¹ãããŸãã
axios.get('/user?ID=12345')
.then(function (response) {
console.log(response)
})
.catch(function (error) {
console.log(error)
})
ããã¯ãµãŒããŒåŽã®åé¡ã§ãããå¿çããããŒã«'Acces-Control-Allow-Origin': '*'
ãå«ããå¿
èŠããããŸãã Expressã䜿çšããŠããå Žåã¯ã npm-corsã䜿çšããŠããå
ç¢ã§ãšã¬ã¬ã³ããªå®è£
ãè¡ãããšãã§ããŸãã
+1 @ProfNandaa
ããŒã«ã«ãµãŒããŒã«ãšã¯ã¹ããŒããäœæããŸãã
# cors.js file
module.exports = (req, res, next) => {
res.setHeader("Access-Control-Allow-Origin", "*");
res.setHeader("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept");
next();
}
ã ããç§ã¯å²ãåœãŠãŸãïŒ
`` `
const cors = requireïŒ 'cors'ïŒ;
router.useïŒcorsïŒ;
`` ``
ãããå
ã«é²ã¿ãŸããã...ããããšã
ãµãŒããŒãOPTIONèŠæ±ãåãå ¥ããªãå Žåããšã©ãŒãçºçããŸãã
ããµãŒããŒã«OPTIONãªã¯ãšã¹ãåŠçãè¿œå ããããšã³ã¡ã³ãããŠããå Žåã¯ãæ©èœããŸããã OPTIONãªã¯ãšã¹ãåŠçãæå¹ã«ãªã£ãŠããããŒã«ã«ç°å¢ãå®è¡ããŠããŸãã
ãã®åé¡ã¯ãäžèšã®ãŠãŒã¶ãŒãšåãããã«çºçããŸããã Axios.post(url, obj)
ã¯CORS 403çŠæ¢ãšã©ãŒãè¿ããŸãããã Axios.post(url, JSON.stringify(obj))
æŽæ°ãããšæ£ããæ©èœããŸããã
ç§ã¯åçŽãªãã¥ãŒããªã¢ã«ãããžã§ã¯ãã«åãçµãã§ãããããŸããŸãªAPIã«ã¢ã¯ã»ã¹ããã®ã«åé¡ããããŸããã ç§ãããŸããããšããã£ãå¯äžã®è§£æ±ºçã¯ãäžèšã®thiagodebastosã«ãã£ãŠèšåããããã®ã§ãã
getã®ä»£ããã«jsonpã䜿çšããã ãã§ãããŒã¿ã«ã¢ã¯ã»ã¹ã§ããŸããã
ç§ã¯ãã®åé¡ãæ±ããŠããŸããããããŠkoa-corsã¯ç°¡åãªè§£æ±ºçã§ããïŒ ïŒnpm-ProfNandaaã«ããExpressãŠãŒã¶ãŒã®corsïŒ
ããã§ãŸã åé¡ãçºçããŠããå ŽåïŒ Axiosã¯ãCOR ãOPTIONSãªã¯ãšã¹ãã JSON.encoded
ãªãã§ãªã¯ãšã¹ãã®æ¬æãšããŠéä¿¡ãããJSONãããã³AxiosãšèŠæ±ã«å¿çãããµãŒããŒã¯é©åã«æ§æãããŠããŸãã
èç«ãããè©Šè¡é¯èª€ãå¿ èŠã§ããããAxiosã§æ£åžžã«æ©èœããã¯ãã¹ãã¡ã€ã³ãªã¯ãšã¹ãããããŸãã
ããã€ãã®ãã€ã³ãïŒ
ãªã¯ãšã¹ããæ©èœããããã«ã¯ã
ãµãŒããŒã¯OPTIONSèŠæ±ã«å¿çããŸããããã¯ãå¿çã200以å€ã§ããã¹ãŠã®æ£ããããããŒãèšå®ãããŠããå Žåãšåæ§ã«ã ãããªãã©ã€ããèŠæ±ã¯å€±æããŸãã
ãªã¯ãšã¹ãã¯æ£ããããããŒã§è¡ããããµãŒããŒã¯å¿ èŠãªãã¹ãŠã®ããããŒã§å¿çããŸãã
Cookie /æ¿èªããããŒãŸãã¯TLSã¯ã©ã€ã¢ã³ã蚌ææžãå¿
èŠãªå Žåã¯ãAxiosèŠæ±ã«å¯ŸããŠallowCredentialsãtrueã«éä¿¡ããŸãã ããã¯ãããã©ã«ãïŒ axios.defaults.withCredentials = true
ïŒãŸãã¯ãªã¯ãšã¹ãããšã«å®è¡ã§ããŸãã
æåãããªã¯ãšã¹ãããããŒã®äŸ
Access-Control-Request-Headers: Content-Type
Access-Control-Request-Method: GET
æåããå¿çããããŒã®äŸ
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: X-PINGOTHER, Content-Type
Access-Control-Allow-Methods: GET, POST, PUT, PATCH, DELETE, HEAD, OPTIONS
Access-Control-Allow-Origin: http://your-origin-url.com
å¿çããããŒãåŸã ã«è¿œå ããŠãããšãããŸããŸãªçµã¿åããã§ãšã©ãŒãäºæããªãåäœã蚺æããã®ãå°é£ã§ããããšãããããŸããã
Access-Control-Allow-Credentials: true
ããªããšãCookieã¯éä¿¡ãŸãã¯æ°žç¶åãããŸããã§ãããããã¯ããã®ããããŒã®MDNããŒãžãèªãã åŸã§æå³ããããŸãã
ãã®ããã¥ã¡ã³ããèªããšåœ¹ç«ã¡ãŸãã
åé¡ãæ±ããŠãã人ã¯èª°ã§ãã ...Allow-Headers: Content-Type
ãéèŠã§ãã
Access-Control-Allow-Origin: '*'
Access-Control-Allow-Methods: ...
Access-Control-Allow-Headers: Content-Type, Accept
'Allow-Control-Allow-OriginïŒ*'ãšããååã®ãã®Chromeæ¡åŒµæ©èœã䜿çšããŠããŸã
ãããããªãã®åé¡ãå©ããããšãã§ããããšãé¡ã£ãŠããŸãã
Axiosããã®ãšã©ãŒãä¿®æ£ã§ããªãçç±ãç解ããŠããªã人ã®ããã«ïŒ
ããã¯Axiosã®åé¡ã§ã¯ãããŸããã ãã©ãŠã¶ã®åé¡ã§ãã ãã©ãŠã¶ã®JSã¯ãé©åãªããããŒãèšå®ãããŠããªããµãŒããŒãžã®ãªã¯ãšã¹ããæåŠããŸãã ã¯ã©ã€ã¢ã³ãã§Reactã®ãããªãã®ã§ããã䜿çšããŠããå Žåã¯ãæ··ä¹±ããªãã§ãã ãããããã¯ReactãAxiosã®åé¡ã§ã¯ãªããåã«CORSæšæºãå°éãããã©ãŠã¶ã§ãã
JakeElderã¯ãAPIã®ãµãŒããŒåŽã§äœãããå¿ èŠããããã«ã€ããŠã®é©åãªèª¬æãããã«æäŸããŸãïŒ https ïŒ
ã¢ã¯ã»ã¹ããããšããŠãããµãŒããŒãå¶åŸ¡ã§ããªãå Žåã¯ãã³ã³ãã³ãããã§ããããŠæ£ããããããŒã§è¿ããããã·ãµãŒããŒãäœæããå¿ èŠããããŸãã
ãªããããå®è£ ãããã®ãããããªãã ãµãŒããŒã«æ å ±ãååŸããããã«èŠæ±ããããããµãŒããŒã«ç¹å®ã®ããããŒãèšå®ãããŠããªãããã«ã§ããªãå Žåã¯ã確ãã«è¿·æã§ãã éåžžã«å¶éãããŠããããã§ãã ãããããªã ...
@ robins-eldoç¹°ãè¿ããŸãããç§ã¯ããªããæ£ãããšã¯æããŸããã
ç§ã®å ã®ã³ã¡ã³ãïŒ
For those commenting saying "Add OPTION request handling to your server", that does not work. I'm running a local environment that has OPTION request handling enabled.
I experienced this issue identically as a user above, where Axios.post(url, obj) returned the CORS 403 forbidden error, but updating that to Axios.post(url, JSON.stringify(obj)) worked correctly.
ãããå®éã«ãµãŒããŒã®åé¡ã§ãããAxiosã®åé¡ã§ã¯ãªãå ŽåãOPTIONSèŠæ±ã¯ã©ã¡ãã®æ¹æ³ã§ã倱æããããããªããžã§ã¯ããã¹ããªã³ã°åããŠã圱é¿ã¯ãããŸããã
@alexanderbanks
OPTION HTTPã¡ãœããã«ã€ããŠã¯ããããããŸããããç§ã®ç¹å®ã®åé¡ã¯ãäœæããå
éšAPIïŒããã§ã¯å
éšAPIããµãŒããŒïŒã«POSTããããšããŠããReactã¯ã©ã€ã¢ã³ããããããšã§ããã ãã®ãšã©ãŒãçºçãç¶ããŸããïŒ Failed to load resource: Origin http://localhost:7149 is not allowed by Access-Control-Allow-Origin. XMLHttpRequest cannot load http://localhost:8902/user-login due to access control checks.
Axiosã®åé¡ãããããªããšæã£ãã®ã§ã代ããã«Unirestãè©ŠããŸããããåããšã©ãŒãçºçãç¶ããŸããã ã ããç§ã¯ãããäœãä»ã®ãã®ã«éããªããšæã£ãã ããããã©ãŠã¶ã®åé¡ãªã®ãReactãªã®ãã¯ããããŸããããAPIãµãŒããŒïŒNodejs + Express APIïŒã«ä»¥äžãè¿œå ãããšããã«ãã¯ã©ã€ã¢ã³ãåŽã§AxiosãšUnirestã®äž¡æ¹ã§ãã¹ãŠãæ©èœãå§ããŸããã
app.use(function(req, res, next) {
res.header("Access-Control-Allow-Origin", "*");
next();
});
ãããããããã§å®éã«äœãèµ·ãã£ãŠããã®ãã«ã€ããŠã®ç§ã®ç解ã¯ããå¶éãããŠããŸããããµãŒããŒäžã®ãã®ãããã®ã³ãŒãã¯ç§ã«ãšã£ãŠåé¡ã解決ããŸããã
ãµãŒããŒããªãªãžã³ã¢ã¯ã»ã¹ãå¶éããããŠããªãããšã確èªããŠãã ãããããŒã³ãŒã«ãåé¿ãããå Žåã¯ã次ã®ããšãè©ŠããŠãã ããã
return axios(url, {
method: 'POST',
mode: 'no-cors',
headers: {
Accept: 'application/json',
'Content-Type': 'application/json',
},
withCredentials: true,
credentials: 'same-origin',
}).then(response => {
})
CORSã®ä»çµã¿ã«ã€ããŠæ··ä¹±ããŠãã人ããããšæããŸãã ãã ããå ã ã®åé¡ã¯CORSã«é¢ãããã®ã§ã¯ãªããå°ãªããšããããéèŠãªåé¡ã§ããã¯ãã§ãã ã€ãŸããCORSãé©åã«æ§æããŠããããæçš¿ãæ©èœããªãå Žåã§ãããµãŒããŒãé©åã«æ§æããæ¹æ³ã§ã¯ãªããå ±åããåé¡ã§ãã
APIã®åäœãããããã ãã¹ãŠã®corsGETãªã¯ãšã¹ãã¯ãcredentialsïŒtrueãã§æ©èœããŠããŸããã
POSTãªã¯ãšã¹ãã®å Žåãåããªãªãžã³ãªã¯ãšã¹ãã¯ããŒã¿ãªããžã§ã¯ããæåååããã«æ©èœããŸãããCORS POSTãªã¯ãšã¹ãã®å ŽåãããŒã¿ãªããžã§ã¯ããæåååãããšæ©èœãå§ããŸãã
æ£ç¢ºãªçç±ã¯ããããŸããã§ããããåé¡ã¯è§£æ±ºããŸããã
ç³ãèš³ãããŸããããåããããã¯ã®åšãã§ãµãŒã¯ã«ãè¡ã£ãŠããããã«èŠããããããã®ã¹ã¬ãããããã¯ããŠããŸãã å¥ã®åé¡ã§ã«ããŒãããŠããªãç¹å®ã®åé¡ãããå ŽåïŒèšå®ãã¹ã«ããäžè¬çãªCORSã®åé¡ããã©ãŒã ã®urlencodedã§ã¯ãªãJSONãšããŠéä¿¡ãããPOSTãªã¯ãšã¹ããªã©ïŒãç¹å®ã®è©³çŽ°ãå«ãæ°ããåé¡ãéããŠãã ããã
æãåèã«ãªãã³ã¡ã³ã
ãã®ãããªå·šå€§ãªåé¡ã¯ã©ã®ããã«å¯ŸåŠãããŠããªãã®ã§ããïŒ