【问题标题】:cookie not set on cross domain - angularjs and nodejs/expresscookie 未在跨域上设置 - angularjs 和 nodejs/express
【发布时间】:2015-05-28 20:12:47
【问题描述】:

跨域请求未设置cookie。我的服务器在 localhost:8000 中运行,客户端在 localhost:9000 中运行。服务器 nodejs/express 上的 cors 设置是

app.use(function(req, res, next) {
console.log(req.method);
res.header("Access-Control-Allow-Origin", "*");
res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS');
res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept, Cache-Control, Authorisation");
if (req.method === 'OPTIONS') {
    return res.send(200);
} else {
    return next();
}});

客户端使用Angularjs,cors配置为

SelappsAdmin.config(['$httpProvider', function($httpProvider) {
  $httpProvider.defaults.useXDomain = true;
  delete $httpProvider.defaults.headers.common['X-Requested-With'];
}])

【问题讨论】:

    标签: angularjs node.js cookies cross-domain


    【解决方案1】:

    快递

    app.use(require('cors')({
      origin: function (origin, callback) {
        callback(null, origin);
      },
      credentials: true
    }));
    

    角度

    $httpProvider.defaults.headers.common['X-Requested-With'] ='XMLHttpRequest';
    $httpProvider.defaults.withCredentials = true;
    

    【讨论】:

      【解决方案2】:

      快递

      var express = require('express');
      var session = require('express-session');
      var cookieParser = require('cookie-parser');
      
      var app = express();
      
      app.use(cookieParser());
      app.use(session({
          secret: 'yoursecret',
          cookie: {
              path: '/',
              domain: 'yourdomain.com',
              maxAge: 1000 * 60 * 24 // 24 hours
          }
      }));
      app.use(function(req, res, next) {
          res.header('Access-Control-Allow-Credentials', true);
          res.header('Access-Control-Allow-Origin', req.headers.origin);
          res.header('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE');
          res.header('Access-Control-Allow-Headers', 'X-Requested-With, X-HTTP-Method-Override, Content-Type, Accept');
          next();
      });
      

      角度

      $httpProvider.defaults.withCredentials = true;
      
      delete $httpProvider.defaults.headers.common["X-Requested-With"];
      

      我从这个Link找到

      【讨论】:

        猜你喜欢
        • 1970-01-01
        • 2023-04-04
        • 2021-08-15
        • 2015-12-21
        • 1970-01-01
        • 2017-10-06
        • 1970-01-01
        • 1970-01-01
        • 1970-01-01
        相关资源
        最近更新 更多