CORS errors in pouchdb
CORS errors in pouchdb
我在Firefox和Chrome中得到CORS错误,但在cURL中没有。这是cURL:
curl -H "Origin: http://mymachine:8080" https://wamoyo.cloudant.com/simpsons -v
这是我的命令,下面是输出:
* Hostname was NOT found in DNS cache
* Trying 184.173.163.133...
* Connected to wamoyo.cloudant.com (184.173.163.133) port 443 (#0)
* successfully set certificate verify locations:
* CAfile: none
CApath: /etc/ssl/certs
* SSLv3, TLS handshake, Client hello (1):
* SSLv3, TLS handshake, Server hello (2):
* SSLv3, TLS handshake, CERT (11):
* SSLv3, TLS handshake, Server finished (14):
* SSLv3, TLS handshake, Client key exchange (16):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSLv3, TLS change cipher, Client hello (1):
* SSLv3, TLS handshake, Finished (20):
* SSL connection using AES256-SHA
* Server certificate:
* subject: C=US; ST=Massachusetts; L=Boston; O=Cloudant, Inc.; OU=Engineering; CN=*.cloudant.com
* start date: 2013-01-29 00:00:00 GMT
* expire date: 2016-02-19 12:00:00 GMT
* subjectAltName: wamoyo.cloudant.com matched
* issuer: C=US; O=DigiCert Inc; OU=www.digicert.com; CN=DigiCert High Assurance CA-3
* SSL certificate verify ok.
> GET /simpsons HTTP/1.1
> User-Agent: curl/7.35.0
> Host: wamoyo.cloudant.com
> Accept: */*
> Origin: http://mymachine:8080
>
< HTTP/1.1 200 OK
< X-Couch-Request-ID: 1efb92f7dd
* Server CouchDB/1.0.2 (Erlang OTP/R14B) is not blacklisted
< Server: CouchDB/1.0.2 (Erlang OTP/R14B)
< Date: Wed, 09 Jul 2014 18:25:37 GMT
< Content-Type: text/plain;charset=utf-8
< Content-Length: 362
< Cache-Control: must-revalidate
< Access-Control-Expose-Headers: content-type, accept-ranges, etag, server, x-couch-request-id, x-couch-update-newrev
重要的是:
< Access-Control-Allow-Origin: http://mymachine:8080
< Access-Control-Allow-Credentials: true
<
{"update_seq":"34-g1AAAADreJzLYWBgYMlgTmFQTElKzi9KdUhJMtPLzc_PK87IzEvVS87JL01JzCvRy0styQEqZUpkSLL___9_ViI_qiZjfJqSHIBkUj1YH5plRvj05bEASYYGIAXUuj8rkQtVrylhvQcgeoH2smYBAApoT3A","db_name":"simpsons","purge_seq":0,"other":{"data_size":593},"doc_del_count":0,"doc_count":6,"disk_size":750276,"disk_format_version":5,"compact_running":false,"instance_start_time":"0"}
* Connection #0 to host wamoyo.cloudant.com left intact
好了,现在浏览器仍然返回这个错误:
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://wamoyo.cloudant.com/simpsons/_changes?timeout=25000&style=all_docs&feed=longpoll&since=35-g1AAAAEjeJzLYWBgYMlgTmFQTElKzi9KdUhJMtPLzc_PK87IzEvVS87JL01JzCvRy0styQEqZUpkSLL___9_VgZTIn8uUIA9zcQ81cgkCdUIY3xGJDkAyaR6qCmsEFOMkxMTUy1RTTHCZ0oeC5BkaABSQIP2g0ziApuUYpJmZmZqjmqSKWGTDkBMQnKTuVFymoFxUhYAK3pbEA&limit=25&_nonce=7YzIfmsBHKTHaGPq. This can be fixed by moving the resource to the same domain or enabling CORS.
当我运行包的同步或复制功能。
PouchDB.sync('https://wamoyo.cloudant.com/simpsons/', 'simpsons', {live: true})
.on('change', onChange)
.on('complete', onComplete)
.on('error', onError);
function onChange (info) {
alert('onChange running');
}
function onComplete (info) {
alert('onComplete running');
}
function onError (err) {
alert('onError ' + err);
}
CORS仅适用于浏览器上下文中。因此,要使它与PouchDB一起工作,您必须设置CouchDB CORS Headers以允许从任何域访问它。
CORS是一个仅适用于浏览器的安全特性。浏览器试图保护用户免受网站的攻击,否则网站可能会向其他域发出AJAX请求。
例如:当你在stackoverflow.com,如果它试图使一个AJAX请求mail.google.com,那么你的浏览器有理由相信这可能是不允许的mail.google.com。因此,它要求mail.google.com通过一个OPTIONS请求来告诉stackoverflow.com是否被列入白名单以发出特定的请求。如果是,则浏览器允许实际的请求。否则,它会将其作为错误阻止。
现在,就curl或任何其他非浏览器请求工具而言,它们的工作方式不同。他们是你的代表,因此我们假定你不会对自己做错什么。
相关文章:
- Node.js's Buffer.writeFloatBE in Javascript
- Setting default onclick behavior for <img> tag in gene
- Lucene Search in Alfresco
- grep in JQuery to C#
- write HTML in JavaScript
- jQuery setTimeOut: in for-loop
- SetTimeout and clearTimeout in Javascript
- lightbox in html 5 and javascript
- HTMLInputElement in IE7
- Mongodb$in以与数组中相同的顺序获取结果
- element.dataset in Internet Explorer
- 如何从PouchDB导入/导出数据库
- jQuery parent() in table
- Instagram oauth flow in angularjs
- 有关PouchDB的复杂startkey/endkey查询未返回预期结果
- In循环的In运算符前后
- 如何使用for in循环在javascript中显示对象中的对象
- 当我们保存一些附件时,我们如何提高PouchDB的性能
- PouchDB,如何在已经有附件的文档中添加新附件
- CORS errors in pouchdb