nestjs cors 跨域設定
阿新 • • 發佈:2022-05-10
main.ts新增
app.enableCors(corsOptionsDelegate);
import { Request } from 'express';
//設定允許訪問的域名
const allowlist = ['http://localhost:8080'];
const corsOptionsDelegate = (req: Request, callback) => {
let corsOptions;
console.log("req.header('Origin')",req.header('Origin'))
if (allowlist.indexOf(req.header('Origin')) !== -1) {
console.log("req.header('Origin')",req.header('Origin'))
//如果你不需要 Cookie 可以設定為 *
// credentials 與前端的axios 的withCredentials(XMLHttpRequest.withCredentials)
// 同時 origin必須設定為訪問域 才能正常訪問,主要是為了 憑證是 Cookie ,授權標頭或 TLS 客戶端證書
corsOptions = { origin: req.header('Origin'),credentials : true };
} else {
corsOptions = { origin: false }; // disable CORS for this request
}
callback(null, corsOptions); // callback expects two parameters: error and options
}
export default corsOptionsDelegate
export default corsOptionsDelegate