我有一个 NodeJS 应用程序,在 index.js 中配置了 Cors 策略,如下所示...该应用程序托管在 AWS Elastic Beanstalk 中。虽然已经配置了 COR,但我面临的问题是,通过前端成功登录后,我现在收到一些 COR。该应用程序在一两个月内运行良好。我验证了我的 EC2、DNS 和负载均衡器,但似乎无法找到问题所在。任何指示或建议将不胜感激!
require('dotenv').config();
const AWS_S3_Bucket_Handler = require('./config/aws/s3Handler');
const jsonHandler = require('./functions/jsonHandler');
const host = process.env.HOST;
const port = process.env.PORT;
const prodStatus = process.env.IN_PROD
const express = require('express');
const app = express();
const cors = require('cors');
const cookieParser = require('cookie-parser');
if (prodStatus === "true") {
jsonHandler.testJson();
AWS_S3_Bucket_Handler.importBackupFromS3();
}
app.use(cors());
app.use(express.json());
app.use(cookieParser());
app.get('/', (req, res) => {
res.send("The server is running successfully. <br/>The server is running on port " + port + "... <br/>The server url is " + host + "...")
});
const userRoute = require('./routes/User');
app.use('/user', userRoute);
const adminRoute = require('./routes/Admin');
app.use('/admin', adminRoute);
const triviaRoute = require('./routes/Trivia');
app.use('/trivia', triviaRoute);
app.listen(port, () => {
console.log("Server running on port " + port + "...");
});
COR 错误消息:
GET https://www.catchingsouls.net/root.admin/env.js net::ERR_ABORTED 404 (Not Found)
Access to XMLHttpRequest at 'https://server.catchingsouls.net/admin/adminTool/TriviaRetrieval' from origin 'https://www.catchingsouls.net' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
POST https://server.catchingsouls.net/admin/adminTool/TriviaRetrieval net::ERR_FAILED 403 (Forbidden)
我设法找到了我的问题。我导航到 AWS WAF 检查我的防火墙设置,发现我有一条规则出于某种原因开始阻止我......该规则称为“管理员保护”。一旦我删除了这个,一切都加载正常,但我将审查此规则问题的可能原因...