node-express 允许跨域设置
代码如下:
app.use(function (req, res, next) {
// 解决跨域
res.setHeader("Access-Control-Allow-Origin", "http://localhost:3000");
res.setHeader("Access-Control-Allow-Credentials",true); //设置cookie
res.setHeader("Access-Control-Allow-Headers", "Content-Type,Content-Length, Authorization, Accept,X-Requested-With");
res.setHeader("Access-Control-Allow-Methods", "PUT,POST,GET,DELETE,OPTIONS");
res.setHeader("X-Powered-By", ' 3.2.1');
if (req.method == "OPTIONS") return res.end(); /*让options请求快速返回*/
else next();
});
如果允许多个域名跨域设置如下
思路:
- 一个跨域白名单列表
- 校验是否在白名单中的函数入參为地址
- 如果在白名单中就添加允许跨域的相关配置
file: whitelist.ts 配置如下
/**
* desc: 跨域白名单设置
*/
/**
* 白名单列表
*/
const whiteList = [
"xxx.com:8001",
"xxx.a.com",
];
/**
* 判断是否在白名单中
* @param originUrl
*/
const includeWhiteList = (originUrl: string = '') => {
const _hostname = originUrl.replace(/http(s)?:\/\//, '');
return whiteList.indexOf(_hostname) > -1;
}
module.exports = {
includeWhiteList,
}
file: node入口文件例如server.ts
const { includeWhiteList } = require("./utils/whiteList");
....
app.use(function (req, res, next) {
// 解决跨域
if (includeWhiteList(req.headers.origin)) {
res.setHeader("Access-Control-Allow-Origin", req.headers.origin);
res.setHeader("Access-Control-Allow-Credentials",true); //设置cookie
res.setHeader("Access-Control-Allow-Headers", "Content-Type,Content-Length, Authorization, Accept,X-Requested-With");
res.setHeader("Access-Control-Allow-Methods", "PUT,POST,GET,DELETE,OPTIONS");
res.setHeader("X-Powered-By", ' 3.2.1');
if (req.method == "OPTIONS") return res.end(); /*让options请求快速返回*/
else next();
} else {
next();
}
});
...
