问题描述

我有一个ajax文件上传使用（Dropzone js）。它将文件发送到我的hapi服务器。我意识到浏览器发送了一个PREFLIGHT OPTIONS方法。但我的hapi服务器似乎没有发送正确的响应头，所以我得到错误铬。
这里是我在chrome上的错误

I have an ajax file upload using (Dropzone js). which sends a file to my hapi server. I realised the browser sends a PREFLIGHT OPTIONS METHOD. but my hapi server seems not to send the right response headers so i am getting errors on chrome.here is the error i get on chrome

XMLHttpRequest cannot load http://localhost:3000/uploadbookimg. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:4200' is therefore not allowed access.

这是hapi js路由处理程序

this is the hapi js route handler

server.route({
        path: '/uploadbookimg',
        method: 'POST',
        config: {
            cors : true,
            payload: {
                output: 'stream',
                parse: true,
                allow: 'multipart/form-data'
            },
        handler: require('./books/webbookimgupload'),
        }
    });

在我的理解中，hapi js应该发送来自预战斗（OPTIONS）请求的所有cors标题。
不明白为什么不是

In my understanding hapi js should send all cors headers from the Pre-fight (OPTIONS) request.Cant understand why its is not

Chrome的网络请求/响应

Network request /response from chrome

**General**
Request Method:OPTIONS
Status Code:200 OK
Remote Address:127.0.0.1:3000

**Response Headers**
view parsed
HTTP/1.1 200 OK
content-type: application/json; charset=utf-8
cache-control: no-cache
vary: accept-encoding
Date: Wed, 27 Apr 2016 07:25:33 GMT
Connection: keep-alive
Transfer-Encoding: chunked

**Request Headers**
view parsed
OPTIONS /uploadbookimg HTTP/1.1
Host: localhost:3000
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Access-Control-Request-Method: POST
Origin: http://localhost:4200
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/50.0.2661.87 Safari/537.36
Access-Control-Request-Headers: accept, cache-control, content-type
Accept: */*
Referer: http://localhost:4200/books/upload
Accept-Encoding: gzip, deflate, sdch
Accept-Language: en-US,en;q=0.8

p>

推荐答案

hapi cors：true 是一个通配符规则，除少数情况外，包括：

The hapi cors: true is a wildcard rule that allows CORS requests from all domains except for a few cases including when there are additional request headers outside of hapi's default whitelist:

[accept，authorization，content-type，if-none-match origin]

这篇关于hapi.js Cors飞行前不返回Access-Control-Allow-Origin头的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持！