对于以下ajax发布请求Flask(如何使用烧瓶中ajax发布的数据?):
$.ajax({ url: "http://127.0.0.1:5000/foo", type: "POST", contentType: "application/json", data: JSON.stringify({'inputVar': 1}), success: function( data ) { alert( "success" + data ); } });
我收到一个Cross Origin Resource Sharing (CORS)错误:
Cross Origin Resource Sharing (CORS)
No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access. The response had HTTP status code 500.
我尝试通过以下两种方法解决该问题,但似乎没有任何效果。
1.使用Flask-CORS
这是Flask用于处理的扩展CORS,应使跨域AJAX成为可能。
Flask
CORS
我的pythonServer.py使用此解决方案:
from flask import Flask from flask.ext.cors import CORS, cross_origin app = Flask(__name__) cors = CORS(app, resources={r"/foo": {"origins": "*"}}) app.config['CORS_HEADERS'] = 'Content-Type' @app.route('/foo', methods=['POST','OPTIONS']) @cross_origin(origin='*',headers=['Content-Type','Authorization']) def foo(): return request.json['inputVar'] if __name__ == '__main__': app.run()
2.使用特定的Flask装饰器
这是Flask 官方代码片段,定义了一个装饰器,该装饰器应允许CORS其装饰功能。
from flask import Flask, make_response, request, current_app from datetime import timedelta from functools import update_wrapper app = Flask(__name__) def crossdomain(origin=None, methods=None, headers=None, max_age=21600, attach_to_all=True, automatic_options=True): if methods is not None: methods = ', '.join(sorted(x.upper() for x in methods)) if headers is not None and not isinstance(headers, basestring): headers = ', '.join(x.upper() for x in headers) if not isinstance(origin, basestring): origin = ', '.join(origin) if isinstance(max_age, timedelta): max_age = max_age.total_seconds() def get_methods(): if methods is not None: return methods options_resp = current_app.make_default_options_response() return options_resp.headers['allow'] def decorator(f): def wrapped_function(*args, **kwargs): if automatic_options and request.method == 'OPTIONS': resp = current_app.make_default_options_response() else: resp = make_response(f(*args, **kwargs)) if not attach_to_all and request.method != 'OPTIONS': return resp h = resp.headers h['Access-Control-Allow-Origin'] = origin h['Access-Control-Allow-Methods'] = get_methods() h['Access-Control-Max-Age'] = str(max_age) if headers is not None: h['Access-Control-Allow-Headers'] = headers return resp f.provide_automatic_options = False return update_wrapper(wrapped_function, f) return decorator @app.route('/foo', methods=['GET','POST','OPTIONS']) @crossdomain(origin="*") def foo(): return request.json['inputVar'] if __name__ == '__main__':
app.run()
你能说明一下为什么会这样吗?
在对代码进行一些修改之后,它像冠军一样工作
# initialization app = Flask(__name__) app.config['SECRET_KEY'] = 'the quick brown fox jumps over the lazy dog' app.config['CORS_HEADERS'] = 'Content-Type' cors = CORS(app, resources={r"/foo": {"origins": "http://localhost:port"}}) @app.route('/foo', methods=['POST']) @cross_origin(origin='localhost',headers=['Content- Type','Authorization']) def foo(): return request.json['inputVar'] if __name__ == '__main__': app.run()
我将*替换为localhost。由于正如我在许多博客和帖子中读到的那样,您应该允许访问特定域
你可以通过以下简单方法获得结果:
@app.route('your route', methods=['GET']) def yourMethod(params): response = flask.jsonify({'some': 'data'}) response.headers.add('Access-Control-Allow-Origin', '*') return response
