【发布时间】:2015-09-07 03:20:16
【问题描述】:
我是第一次创建混合应用程序,并开始学习一些教程。我在浏览器控制台上收到这些错误
Refused to load the script 'http://192.168.1.142:35729/livereload.js?snipver=1' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval'".
XMLHttpRequest cannot load http://localhost:1337/auth/local. The request was redirected to 'http://localhost:1337/login', which is disallowed
for cross-origin requests that require preflight.
我在服务器端使用sails,并在路由表中添加了以下内容
'get /' : {
cors: {
origin: '*'
},
controller: 'FlashController',
action: 'home'
},
'post /auth/local' : {
cors: {
origin: '*'
},
controller: 'AuthController',
action: 'callback'
},
'get /login' : {
cors: {
origin: '*'
},
controller: 'AuthController',
action: 'login'
},
虽然我正在关注 devdactic.com/user-auth-angularjs-ionic/ 教程并对应用程序进行了以下更改以允许 CORS
ionic plugin add cordova-plugin-whitelist
以下是我的 config.xml
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<widget id="com.ionicframework.devdacticauth980013" version="0.0.1" xmlns="http://www.w3.org/ns/widgets" xmlns:cdv="http://cordova.apache.org/ns/1.0">
<name>devdactic-auth</name>
<description>
An Ionic Framework and Cordova project.
</description>
<author email="hi@ionicframework" href="http://ionicframework.com/">
Ionic Framework Team
</author>
<allow-navigation href="*" />
<allow-intent href="*" />
<content src="index.html"/>
<access origin="*"/>
<preference name="webviewbounce" value="false"/>
<preference name="UIWebViewBounce" value="false"/>
<preference name="DisallowOverscroll" value="true"/>
<preference name="android-minSdkVersion" value="16"/>
<preference name="BackupWebStorage" value="none"/>
<feature name="StatusBar">
<param name="ios-package" value="CDVStatusBar" onload="true"/>
</feature>
</widget>
下面是我的 index.html
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="initial-scale=1, maximum-scale=1, user-scalable=no, width=device-width">
<meta http-equiv="Content-Security-Policy" content="default-src *; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' 'unsafe-eval'">
<title></title>
<link href="lib/ionic/css/ionic.css" rel="stylesheet">
<link href="css/style.css" rel="stylesheet">
<!-- IF using Sass (run gulp sass first), then uncomment below and remove the CSS includes above
<link href="css/ionic.app.css" rel="stylesheet">
-->
<!-- ionic/angularjs js -->
<script src="lib/ionic/js/ionic.bundle.js"></script>
<!-- cordova script (this will be a 404 during development) -->
<script src="cordova.js"></script>
<!-- your app's js -->
<script src="js/app.js"></script>
<script src="js/controllers.js"></script>
<script src="js/services.js"></script>
<script src="js/constants.js"></script>
<script src="lib/angular-mocks/angular-mocks.js"></script>
</head>
<body ng-app="starter" ng-controller="AppCtrl">
<ion-nav-bar class="bar-balanced">
</ion-nav-bar>
<ion-nav-view></ion-nav-view>
</body>
</html>
【问题讨论】:
-
您能否还包括您在飞行前 CORS 中遇到的错误?请尽量包含尽可能多的信息。
-
几个问题:您的 livereload 脚本被内容安全策略阻止。尝试删除 html 中的设置(除非您需要它?)。此外,您有重定向问题,我不确定 AJAX 处理重定向的效果如何。基本上,如果您尝试使用 AJAX 访问需要凭据的页面,请找到一种方法来配置您的 AJAX 脚本以包含必要的信息。
标签: javascript angularjs node.js sails.js ionic