cors实现跨域 并且实现cookie携带
1. cors不用中间件的话可以这样写
app.all('*', function (req, res, next) {
res.header("Access-Control-Allow-Origin", "http://www.xxx.com"); //必须是具体网址 不是 *
res.header('Access-Control-Allow-Credentials: true'); //是否支持cookie跨域
res.header("Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept");
res.header("Access-Control-Allow-Methods","PUT,POST,GET,DELETE,OPTIONS");
res.header("X-Powered-By",' 3.2.1') if(req.method=="OPTIONS")
res.send(200);
next();
})
2. 使用CORS,和其他中间件的用法一样,app.use()即可:
var express = require('express')
var cors = require('cors')
var app = express()
app.use(cors())
3.如果要单独为某个接口实现允许跨域请求,在回调函数之前先用cors()方法进行跨域处理即可:
var express = require('express') var cors = require('cors') var app = express() app.get('/products/:id', cors(), function (req, res, next) { res.json({msg: 'This is CORS-enabled for a Single Route'}) })
4.手动配置
app.use(cors({
origin:['http://localhost:8080'],//允许该域名下的请求
methods:["GET","POST"], // 允许接受的 请求类型
alloweHeaders:['Conten-Type','Authorization','Accept','Origin'], //请求头
exposeHeaders: ['WWW-Authenticate', 'Server-Authorization'],
credentials: true, // 发送cookie
}));
前端用axios,需要设置一下cookie
axios.defaults.withCredentials = true; // axios请求携带cookie 每个都需要配置
//ajax 添加xhrFields:{ withCredentials: true },//ajax设置携带cookie
this.$axios({ method: 'post', url: 'http://localhost:3000/admin/add', data: param }) .then((response)=>{ console.log("sd"); console.log(response.data.results); }) .catch((err)=>{ console.log("失败?"); console.log(err); })