[我有一个使用React 16的.NET Core 3.1.3应用程序,当我在生产环境(Azure / Firebase)中调用API时,从一个特定组件收到CORS错误。
在大多数应用程序中,一切正常,所有axios调用的基本URL都设置在一个文件中,所有发布请求都通过rootHttp类的单个方法进行。
addItem(model, data){
return axios.post(
this.rootUrl + '/' + model, data, {headers: this.headers}
);
}
//Posts new item to API
除了来自employee组件的POST调用之外,所有的API调用似乎都运行良好:
export function addEmployee(employee, callback){
employee = prepEmployeeValues(employee);
return dispatch =>{
http.addItem("employee", employee)
.then(addedEmployee =>{
dispatch(addEmployeeToState(addedEmployee.data));
callback();
});
}
}
//Posts new employee to API
哪个会触发这两个错误:
Access to XMLHttpRequest at 'https://procmanagement.azurewebsites.net/api/3/employee'
from origin 'https://scheduleanddirection.firebaseapp.com'
has been blocked by CORS policy: No 'Access-Control-Allow-Origin'
header is present on the requested resource.
和
createError.js:16 Uncaught (in promise) Error: Network Error
at e.exports (createError.js:16)
at XMLHttpRequest.p.onerror (xhr.js:83)
请求标头与任何其他组件的成功POST调用相同。值得注意的是,来自Employee组件的GET返回一个空数组,并且最初应返回一个1 Employee Object的数组,该所有者是在注册帐户时添加的所有者(在dev服务器中有效)。
后端应在此处收到员工的职位:
[HttpPost]
public async Task<IActionResult> AddEmployee(int userId, EmployeeForCreationDto employeeForCreation)
{
EmployeeIdIncrement employeeIdIncrement = await _repo.GetEmployeeIdForIncrement(userId);
employeeIdIncrement.employeeId = employeeIdIncrement.employeeId + 1;
var creator = await _userRepo.GetUser(userId);
if (creator.Id != int.Parse(User.FindFirst(ClaimTypes.NameIdentifier).Value))
return Unauthorized();
var employee = _mapper.Map<Employee>(employeeForCreation);
employee.User = creator;
employee.EmployeeId = employeeIdIncrement.employeeId;
_repo.Add(employee);
if (await _repo.SaveAll())
{
var employeeToReturn = _mapper.Map<EmployeeForReturnDto>(employee);
return CreatedAtRoute("GetEmployee", new {employeeId = employee.EmployeeId, userId = userId }, employeeToReturn);
}
throw new Exception("Creation of Employee failed on save");
}
一个成功的例子:
发送:
export function addDepartment(department, callback){
department = prepDepartmentValues(department);
return dispatch =>{
http.addItem("department", department)
.then(addedDepartment =>{
dispatch(addDepartmentToState(addedDepartment.data));
callback();
});
}
}
//Posts new department to API
接收:
[HttpPost]
public async Task<IActionResult> AddDepartment(int userId, DepartmentForCreationDto departmentForCreation)
{
var creator = await _userRepo.GetUser(userId);
if (creator.Id != int.Parse(User.FindFirst(ClaimTypes.NameIdentifier).Value))
return Unauthorized();
var department = _mapper.Map<Department>(departmentForCreation);
department.User = creator;
_repo.Add(department);
if (await _repo.SaveAll())
{
var jobToReturn = _mapper.Map<DepartmentForCreationDto>(department);
return CreatedAtRoute("GetDepartment", new {deptName = department.DeptName, userId = userId }, jobToReturn);
}
throw new Exception("Creation of Department failed on save");
}
包括Employee组件的所有组件在开发服务器中都可以正常工作,除了Employee组件之外的所有组件都可以在生产环境中工作。
CORS政策:
services.AddCors(options =>
{
options.AddPolicy("ProdCors",
builder =>
{
builder.WithOrigins("https://scheduleanddirection.firebaseapp.com", "https://scheduleanddirection.web.app")
.AllowAnyMethod()
.AllowAnyHeader()
.AllowCredentials();
}
);
});
因此,经过深思熟虑之后,我发现实际上不是CORS问题导致了我这个错误。
我用Postman检查API,发现我遇到内部服务器错误,然后将我的Dev服务器API连接到生产数据库,在该数据库中,我发现问题是与SQLite相比,MS SQL Server的工作方式。
Dev服务器使用SQLite。 MS SQL Server在使用SQLite的两件事上遇到问题:
未经明确许可,一次更新多个数据。通过在我的连接字符串中添加“ MultipleActiveResultSets = True”来解决此问题。
用单个主键(而不是组合键)显式定义项目的主键。通过完全删除EmployeeIdForIncrement模型并添加EmployeeIdForIncrement作为用户模型的属性来解决此问题。