Chrome 扩展被阻止 rails API
Chrome Extension blocked from a rails API
我只是想在 Rails 站点上与 REST api 交谈。
我正在使用 Chrome 扩展和 javascript 来创建 CORSRequest。
每当我尝试发出请求时都会收到此错误:
XMLHttpRequest cannot load https://MYWEBSITE.com/api/login. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'chrome-extension://mychomreextensioncode' is therefore not allowed access. The response had HTTP status code 404.
这是我当前的代码:
function makeCorsRequestLogin() {
var url = "https://MYWEBSITE.com/api/login";
var xhr = new XMLHttpRequest();
xhr.open('POST', url, true);
xhr.setRequestHeader('Content-type', 'application/json');
xhr.onload = function() {
var text = xhr.responseText;
var title = text; //getTitle(text);
alert('Response from CORS request to ' + url + ': ' + title);
};
if (!xhr) {
alert('CORS not supported');
return;
}
xhr.onerror = function() {
alert('Woops, there\'s an error making the request.');
};
var password = document.getElementById("password").value;
var user_name = document.getElementById("username").value;
xhr.send(JSON.stringify({"user_name":user_name, "password":password}));
}
在别处,过去有人说这段代码解决了。但是,我不知道这会去哪里。
# This is used to allow the cross origin POST requests made by confroom kiosk app.
def set_access_control_headers
headers['Access-Control-Allow-Origin'] = "*"
headers['Access-Control-Request-Method'] = %w{GET POST OPTIONS}.join(",")
end
我只在 JS 和 HTML 上工作 chrome 扩展。我无法访问 ruby 站点。我能从我这边解决这个问题吗?
您应该在 manifest.json.
中为您的服务器域定义权限
"permissions": ["https://MYWEBSITE.com/*"]
还要确保设置正确的协议,无论是 http 还是 https。
我只是想在 Rails 站点上与 REST api 交谈。 我正在使用 Chrome 扩展和 javascript 来创建 CORSRequest。
每当我尝试发出请求时都会收到此错误:
XMLHttpRequest cannot load https://MYWEBSITE.com/api/login. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'chrome-extension://mychomreextensioncode' is therefore not allowed access. The response had HTTP status code 404.
这是我当前的代码:
function makeCorsRequestLogin() {
var url = "https://MYWEBSITE.com/api/login";
var xhr = new XMLHttpRequest();
xhr.open('POST', url, true);
xhr.setRequestHeader('Content-type', 'application/json');
xhr.onload = function() {
var text = xhr.responseText;
var title = text; //getTitle(text);
alert('Response from CORS request to ' + url + ': ' + title);
};
if (!xhr) {
alert('CORS not supported');
return;
}
xhr.onerror = function() {
alert('Woops, there\'s an error making the request.');
};
var password = document.getElementById("password").value;
var user_name = document.getElementById("username").value;
xhr.send(JSON.stringify({"user_name":user_name, "password":password}));
}
在别处,过去有人说这段代码解决了。但是,我不知道这会去哪里。
# This is used to allow the cross origin POST requests made by confroom kiosk app.
def set_access_control_headers
headers['Access-Control-Allow-Origin'] = "*"
headers['Access-Control-Request-Method'] = %w{GET POST OPTIONS}.join(",")
end
我只在 JS 和 HTML 上工作 chrome 扩展。我无法访问 ruby 站点。我能从我这边解决这个问题吗?
您应该在 manifest.json.
中为您的服务器域定义权限"permissions": ["https://MYWEBSITE.com/*"]
还要确保设置正确的协议,无论是 http 还是 https。