本文介绍了跨起源问题与阿贾克斯,角度和Zuul的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我已经zuul服务器实现由它来完成路由到我所有的微服务。我有一个单独的UI项目,该项目是棱角分明。我试图让从UI应用AJAX调用到一个特定的微服务通过Zuul哪些路由,但我收到此错误。

I have zuul server implemented which does the routing to all my microservices. I have a seperate UI project which is in angular. I am trying to make an AJAX call from the UI app to a specific microservices which routes through Zuul but I am getting this error.

XMLHttpRequest cannot load http://localhost:8006/user/v1/userassociations. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:63342' is therefore not allowed access. The response had HTTP status code 403.

不过,当我直接尝试打在本地主机的API,它是在该工作完全正常。我已经下面CORS配置加入到实际的API。

But When I directly try to hit the api in local host which is hosted at http://localhost:4444/user/v1/userassociations it works perfectly fine. I have the below CORS configuration added to the actual api.

@Override
public void addCorsMappings(final CorsRegistry registry) {
    registry.addMapping("/**").allowedMethods("PUT", "GET", "DELETE", "OPTIONS", "PATCH", "POST");
}

当我尝试打通过zuul的API我试图相同的配置添加到Zuul,但它不工作,问题只发生。

The problem is only happening when i try to hit the api via zuul I tried to add the same configuration to Zuul but it is not working.

我知道这是相同的起源问题,但必须有一个解决方案,我们的微服务是假设上市这样任何人都可以从任何网络域的请求。

I know it is the same origin issue but there must be a solution our microservices are suppose to go public so anyone can make the request from any domain.

下面是工作AJAX调用: - 如果我的网址更改为这是通过zuul我得到的交叉由来。

Below is the Working AJAX call:- if i change the url to http://localhost:8006/user/v1/userassociations which is via zuul i get the cross origin.

var service = {};
  service.userContextCall = function()
  {
    return $http({
      url:'http://localhost:4444/user/v1/userassociations',
      method: 'GET',
      headers: {'Content-Type':'application/json',
        'userContextId':'1234567890123456'}
    }).success(function(response){

      return response;
    }).error(function(error){

      return error;
    });

  };

  return service;

头的荫收到当我通过Zuul打API。

Header that Iam receiving for when i hit the api via Zuul.

Request URL:http://localhost:8006/user/v1/userassociations
Request Method:OPTIONS
Status Code:403 Forbidden
Remote Address:[::1]:8006
Response Headers
view source
Allow:GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
Content-Length:20
Date:Tue, 23 Feb 2016 18:51:15 GMT
Server:Apache-Coyote/1.1
X-Application-Context:apigateway:8006
Request Headers
view source
Accept:*/*
Accept-Encoding:gzip, deflate, sdch
Accept-Language:en-US,en;q=0.8
Access-Control-Request-Headers:accept, usercontextid
Access-Control-Request-Method:GET
Connection:keep-alive
Host:localhost:8006
Origin:http://localhost:63342
Referer:http://localhost:63342/icpAccountHolder/app/index.html
User-Agent:Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.116 Safari/537.36

报头时,我照片直接击中了API工作之一。

Header when i direclty hit the api the working one.

Request URL:http://localhost:4444/user/v1/userassociations
Request Method:GET
Status Code:200 OK
Remote Address:[::1]:4444
Response Headers
view source
Access-Control-Allow-Credentials:true
Access-Control-Allow-Origin:http://localhost:63342
Content-Type:application/json;charset=utf-8
Date:Tue, 23 Feb 2016 18:54:19 GMT
Server:Apache-Coyote/1.1
Transfer-Encoding:chunked
Vary:Origin
X-Application-Context:userassociations-v1
Request Headers
view source
Accept:application/json, text/plain, */*
Accept-Encoding:gzip, deflate, sdch
Accept-Language:en-US,en;q=0.8
Connection:keep-alive
Host:localhost:4444
Origin:http://localhost:63342
Referer:http://localhost:63342/icpAccountHolder/app/index.html
User-Agent:Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/48.0.2564.116 Safari/537.36
userContextId:1234567890123456

谁能帮我这。

推荐答案

此修复程序似乎使用ANGEL.SR6春季云版本,而不是BRIXTON。但你想用布里克斯顿情况下,这是我写的覆盖CORS滤波器Zuul。

The fix seems to be using the ANGEL.SR6 spring cloud version instead of BRIXTON. But In case you want to use Brixton this is what i wrote to override the CORS filter in Zuul.

 @Bean
 public CorsFilter corsFilter() {
     final UrlBasedCorsConfigurationSource urlBasedCorsConfigurationSource= new UrlBasedCorsConfigurationSource();
     final CorsConfiguration corsConfig = new CorsConfiguration();
     corsConfig.setAllowCredentials(true);
     corsConfig.addAllowedOrigin("*");
     corsConfig.addAllowedHeader("*");
     corsConfig.addAllowedMethod("OPTIONS");
     corsConfig.addAllowedMethod("HEAD");
     corsConfig.addAllowedMethod("GET");
     corsConfig.addAllowedMethod("PUT");
     corsConfig.addAllowedMethod("POST");
     corsConfig.addAllowedMethod("DELETE");
     corsConfig.addAllowedMethod("PATCH");
     urlBasedCorsConfigurationSource.registerCorsConfiguration("/**", corsConfig);
     return new CorsFilter(urlBasedCorsConfigurationSource);
 }

这篇关于跨起源问题与阿贾克斯,角度和Zuul的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!

08-20 00:34