问题描述

我已经开始在Ionic 1中构建简单的Todo应用程序，我发现了Origin标题的问题。 （与CORS相关）

I have started building simple Todo app in Ionic 1 and I discovered a problem with Origin header. (CORS related)

如果我运行

ionic serve

在浏览器中一切正常，我可以在apache（tomcat）上向我的REST API发出请求。但是当构建我的Android应用程序甚至是离子查看器时，所有请求都会失败。使用chrome调试器我设法找到问题。

everything works fine in browser and i can make requests to my REST API on apache(tomcat). But when build my app for android or even in ionic viewer, all requests fail. Using a chrome debugger I managed to locate the problem.

本机应用程序发送标题（仅在android上测试）

Native app sends header (tested only on android)

Origin: file://

导致我的服务器拒绝请求。在我看来，它应该与主机发送正确的Origin标头。屏幕截图包含更多详细信息。

which causes my server to deny requests. Seems to me that it should send correct Origin header with host. Screenshot with more details is attached below.

什么可以我这样做了吗？

What can I do about that?

此处找到相关主题：

已经发布在这里，没有运气：

Already posted here, with no luck: https://forum.ionicframework.com/t/native-app-is-sending-header-origin-file-which-causes-problems/62388/1

编辑：发布时出现问题，如果我只使用 $ http.post（'http://myapp.com/apiv1/device'）运行离子启动器（标签）模板添加到控制器。

Problem occurs when post, if I run ionic starter (tabs) template with only $http.post('http://myapp.com/apiv1/device') added to controller.

推荐答案

尝试将以下内容添加到您允许的原始请求中：file：// * filesystem：

Try adding the following to your allowed origin request: "file://* filesystem: "

我在Ionic中遇到与< iframes> 相同的问题，我修复了它：

I had the same problem with <iframes> in Ionic and I fix it adding:

Header set Content-Security-Policy "...; frame-ancestors 'self' file://* file://*/* filesystem: http://localhost:*;"

这篇关于离子原生app正在发送标题Origin：file：//导致问题的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！