猎鹰Web服务器在localhost上违反了同源策略

猎鹰Web服务器在localhost上违反了同源策略

本文介绍了猎鹰Web服务器在localhost上违反了同源策略的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我正在通过localhost:8000上的elm-reactor运行elm前端.它应该通过localhost:8010上的gunicorn从 falcon后端加载json文件.这会失败.

I am running an elm frontend via elm-reactor on localhost:8000. It is supposed to load json files from a falcon backend running via gunicorn on localhost:8010. This fails.

前端能够加载由elm-reactor(:8000)服务的静态虚拟文件,但是当我尝试用实际后端(:8010)替换虚拟对象时,由于缺少标头,它会失败:

The frontend is able to load static dummy files served by elm-reactor (:8000) but when I try to replace the dummies by the actual backend (:8010) it fails due to a missing header:

来自Firefox Inspector的错误消息似乎相当清楚,但是我不知该如何解决.我已经在猎鹰中安装了CORS中间件,但这根本没有改善情况.

The error message from the Firefox Inspector seems reasonably clear, but I'm at a loss how to fix that. I already installed a CORS middleware in falcon, but that didn't improve the situation at all.

from falcon_cors import CORS
cors = CORS(allow_origins_list=['*'])
api = falcon.API(middleware=[cors.middleware])

我也曾尝试使用起源'localhost:8000''localhost',但都没有用.

I did also try to use the origins 'localhost:8000' and 'localhost' but neither works.

有什么办法解决这个问题吗?

Any idea how to fix this?

推荐答案

事实证明,falcon_cors提供了allow_all_origins=True作为参数.这可以解决我的问题,但不是完美的解决方案.

It turns out that falcon_cors offers allow_all_origins=True as a parameter. This fixes my problem, but isn't a perfect solution.

在同时使用POST请求时,也应设置allow_all_methods=True.

When using POST requests as well allow_all_methods=True should be set as well.

这篇关于猎鹰Web服务器在localhost上违反了同源策略的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-04 06:47