在角度全堆发生器上启用CORS？

好吧，我有一个EC2实例启动和运行的NodeJS并表达我uing香草安装generator和我的app.js文件如下：在申报要求在角度全堆发生器上启用CORS？

/** 
* Main application file 
*/ 

'use strict'; 

// Set default node environment to development 
process.env.NODE_ENV = process.env.NODE_ENV || 'development'; 

var express = require('express'); 
var mongoose = require('mongoose'); 
var config = require('./config/environment'); 


// Connect to database 
mongoose.connect(config.mongo.uri, config.mongo.options); 

// Populate DB with sample data 
//require('./config/seed'); 

// Setup server 
var app = express(); 

var server = require('http').createServer(app); 


var socketio = require('socket.io')(server, { 

    serveClient: (config.env === 'production') ? false : true, 
    path: '/socket.io-client' 

}); 
require('./config/socketio')(socketio); 
require('./config/express')(app); 
require('./routes')(app); 

// Start server 
server.listen(config.port, config.ip, function() { 
    console.log('Express server listening on %d, in %s mode', config.port, app.get('env')); 
}); 

// Expose app 
exports = module.exports = app;

route.js（ ” ./routes')(app）;如下所示：

/** 
* Main application routes 
*/ 

'use strict'; 

var errors = require('./components/errors'); 
var cors = require('./config/cors'); 
module.exports = function(app) { 
    /* 
    app.all('*', function(req, res, next) { 
    res.header("Access-Control-Allow-Origin", "*"); 
    res.header("Access-Control-Allow-Headers", "X-Requested-With"); 
    next(); 
    }); 
    app.all('/', function(req, res, next) { 
    res.header("Access-Control-Allow-Origin", "*"); 
    res.header("Access-Control-Allow-Headers", "X-Requested-With"); 
    next(); 
    }); 
    app.use(function(req, res, next) { 
    res.header("Access-Control-Allow-Origin", "*"); 
    res.header("Access-Control-Allow-Headers", "X-Requested-With"); 
    next(); 
    }); 
*/ 
// Insert routes below 
    app.use('/api/things', require('./api/thing')); 
    app.use('/api/users', require('./api/user')); 

    app.use('/auth', require('./auth')); 

    // All undefined asset or api routes should return a 404 
    app.route('/:url(api|auth|components|app|bower_components|assets)/*') 
    .get(errors[404]); 


    // All other routes should redirect to the index.html 
    app.route('/*') 
    .get(function(req, res) { 
     res.sendfile(app.get('appPath') + '/index.html'); 
    }); 
};

express（'./ express'）（app）中声明的express.js;如下：

/** 
* Express configuration 
*/ 

'use strict'; 

var express = require('express'); 
var favicon = require('serve-favicon'); 
var morgan = require('morgan'); 
var compression = require('compression'); 
var bodyParser = require('body-parser'); 
var methodOverride = require('method-override'); 
var cookieParser = require('cookie-parser'); 
var errorHandler = require('errorhandler'); 
var path = require('path'); 
var config = require('./environment'); 
var passport = require('passport'); 

module.exports = function(app) { 
    var env = app.get('env'); 
    app.set('views', config.root + '/server/views'); 
    app.engine('html', require('ejs').renderFile); 
    app.set('view engine', 'html'); 
    app.use(compression()); 
    app.use(bodyParser.urlencoded({ extended: false })); 
    app.use(bodyParser.json()); 
    app.use(methodOverride()); 
    app.use(cookieParser()); 
    app.use(passport.initialize()); 
    if ('production' === env) { 
    app.use(favicon(path.join(config.root, 'public', 'favicon.ico'))); 
    app.use(express.static(path.join(config.root, 'public'))); 
    app.set('appPath', config.root + '/public'); 
    app.use(morgan('dev')); 
    } 

    if ('development' === env || 'test' === env) { 
    app.use(require('connect-livereload')()); 
    app.use(express.static(path.join(config.root, '.tmp'))); 
    app.use(express.static(path.join(config.root, 'client'))); 
    app.set('appPath', 'client'); 
    app.use(morgan('dev')); 
    app.use(errorHandler()); // Error handler - has to be last 
    } 
};

，但无论在哪里，我宣布任何这些：

app.all('*', function(req, res, next) { 
    res.header("Access-Control-Allow-Origin", "*"); 
    res.header("Access-Control-Allow-Headers", "X-Requested-With"); 
    next(); 
    }); 
    app.all('/', function(req, res, next) { 
    res.header("Access-Control-Allow-Origin", "*"); 
    res.header("Access-Control-Allow-Headers", "X-Requested-With"); 
    next(); 
    }); 
    app.use(function(req, res, next) { 
    res.header("Access-Control-Allow-Origin", "*"); 
    res.header("Access-Control-Allow-Headers", "X-Requested-With"); 
    next(); 
    });

它不工作，我得到：

XMLHttpRequest cannot load http://query.yahooapis.com/v1/public/yql?q=select%20*%20from%20yahoo.financ…5.NYM%22)&format=json&env=store%3A%2F%2Fdatatables.org%2Falltableswithkeys. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:9000' is therefore not allowed access.

来源

2014-12-06 vimes1984

除非你的服务器的NodeJS在http://query.yahooapis.com运行，将响应“ access-control-allow- *“标题到您的服务器代码并不能解决您的”相同来源策略“问题。使用JSONP从您的客户端代码访问“外国”服务器：http://stackoverflow.com/questions/10375946/yahoo-forecastjson-gives-xml-error – Capricorn 2014-12-06 23:54:52

我已经返回jsonp奇怪的是，这是工作我认为这是在应用程序中添加授权标头的设置... – vimes1984 2014-12-07 00:01:25

您需要启用CORS中间件您的节点快递应用程序。您可以通过在应用程序模块添加

"cors": "^2.5.1",

你的依赖关系的package.json &做到这一点，

var cors = require('cors'); 
//add cors to do the cross site requests 
app.use(cors());

来源

2014-12-07 04:49:40

在角度全堆发生器上启用CORS？

回答

相关问题