admin管理员组

文章数量:1431434

I'm trying to implement OAuth2 authentication. When I try to send Authorization code I get this error:

XMLHttpRequest cannot load link1. Redirect from link1 to link2 has been blocked by CORS policy: Request requires preflight, which is disallowed to follow cross-origin redirect.

My req/rsp looks like this:

General: Request URL:link1 Request Method:OPTIONS Status Code:204 No Content Remote Address:

Response Headers: HTTP/1.1 204 No Content X-Powered-By: Express Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE Access-Control-Allow-Headers: content-type, sessionid Date:

Request Headers: OPTIONS /authorize HTTP/1.1 Host: host Connection: keep-alive Access-Control-Request-Method: POST Origin: origin_link User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36 Access-Control-Request-Headers: content-type, sessionid Accept: / Referer: origin_link/dialog Accept-Encoding: gzip, deflate, sdch, br Accept-Language: en-US,en;q=0.8

I'm trying to implement OAuth2 authentication. When I try to send Authorization code I get this error:

XMLHttpRequest cannot load link1. Redirect from link1 to link2 has been blocked by CORS policy: Request requires preflight, which is disallowed to follow cross-origin redirect.

My req/rsp looks like this:

General: Request URL:link1 Request Method:OPTIONS Status Code:204 No Content Remote Address:

Response Headers: HTTP/1.1 204 No Content X-Powered-By: Express Access-Control-Allow-Origin: * Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE Access-Control-Allow-Headers: content-type, sessionid Date:

Request Headers: OPTIONS /authorize HTTP/1.1 Host: host Connection: keep-alive Access-Control-Request-Method: POST Origin: origin_link User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/56.0.2924.76 Safari/537.36 Access-Control-Request-Headers: content-type, sessionid Accept: / Referer: origin_link/dialog Accept-Encoding: gzip, deflate, sdch, br Accept-Language: en-US,en;q=0.8

  • javascript
  • node.js
  • oauth-2.0
  • cors
  • http-redirect
Share Improve this question asked Mar 20, 2017 at 15:21 Milica MatićMilica Matić 131 gold badge1 silver badge4 bronze badges 1
  • If you upgrade to Chrome 57, you should no longer hit that “Request requires preflight, which is disallowed to follow cross-origin redirect.” error. (The spec used to require browsers to disallow following cross-origin redirects from preflights, but was subsequently changed, and after the Chrome 56 release, the Chrome source was updated to match the current spec requirements.) – sideshowbarker Commented Mar 20, 2017 at 17:33
Add a ment  | 

1 Answer 1

Reset to default 2

Maybe you have not configured express to accept CORS request.

In a small project, I had to configure CORS request in an Express application. My code was:

// Enable CORS
app.use((req, res, next) => {
   res.header('Access-Control-Allow-Origin', '*');
   res.header('Access-Control-Allow-Methods', 'GET,POST,DELETE');
   res.header('Access-Control-Allow-Headers', 'Origin, X-Requested With, Content-Type, Accept');
   next();
});

app is a variable corresponding to an Express instance.

Moreover, I did find an npm package to set CORS request to an express app, but I have never used it: https://github./expressjs/cors

本文标签: javascriptHow to solve CORS redirection with express js routerStack Overflow

版权声明:本文标题:javascript - How to solve CORS redirection with express js router? - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1745466511a2659556.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。