英文:
Avoiding CORS issues on web app importing JavaScript modules from other domains
问题
I am building a web application using NodeJS splitting the application into a back-end to handle database queries with MongoDB and a front end via a node based webserver that uses interactjs with JavaScript compiled from TypeScript. Currently, I have it running on LocalHost.
对于我的前端部分,依赖我的桌面应用程序开发技能,我最初是以模块化的方式在本地机器上构建应用程序,使用了几个JS模块,无服务器地进行开发,甚至没有使用本地主机。它以使用TypeScript编译为JS实现的拖放样式构建流程图。现在我已将其移植到Node。大部分功能似乎都在工作,但在我的某个模块中,我正在导入interact.js来处理我的拖放操作。
import interact from 'https://cdn.jsdelivr.net/npm/@interactjs/interactjs/index.js'
然而,这似乎导致了我的浏览器Firefox报告CORS错误。我已经做了很多阅读,了解了什么是跨源资源共享以及为什么会出现问题。然而,我还没有找到一个好的信息源来帮助我解决我的问题。很多信息似乎要么只描述CORS错误是什么而不提供解决方案,要么提供示例MIME类型或与此问题不相关的fetch命令(据我所知)。
如果你正在运行位于http://localhost:5000/myApp的Web应用程序,那么我的代码如何在不触发CORS错误的情况下导入外部JavaScript模块呢?
我在Firefox控制台中多次看到的错误是:
- 从“https://cdn.jsdelivr.net/npm/@interactjs/actions/drag/plugin”加载模块被阻止,因为其MIME类型不允许(“text/plain”)。
- 跨源请求已阻止:同源策略不允许读取远程资源https://cdn.jsdelivr.net/npm/@interactjs/actions/drag/plugin。 (原因:CORS请求未成功)。状态码:(null)。
- 该文档不允许使用模块源URI:“https://cdn.jsdelivr.net/npm/@interactjs/actions/drag/plugin”。
我在这里发帖是出于绝望,因为我整天都在打转,无法在StackOverflow或其他地方找到与我的问题相关的内容。
英文:
I am building a web application using NodeJS splitting the application into a back-end to handle database queries with MongoDB and a front end via a node based webserver that uses interactjs with JavaScript compiled from TypeScript. Currently, I have it running on LocalHost.
For my front end, leaning on my desktop application development skills, I originally built an application modularly out of several JS modules in a serverless, on the local machine not even using local host, way. It constructs flowcharts drag and drop style implemented using typescript compiled to JS. I have now moved it into node. Most things seem to be working, but in one of my modules I am importing interact.js to handle my drag and drop.
import interact from 'https://cdn.jsdelivr.net/npm/@interactjs/interactjs/index.js'
However, this seems to be causing CORS errors to be reported by my browser Firefox. I have done quite a bit of reading and understand what Cross Origin Resource Sharing is, and why problems occur. However, I have yet to find a good source of information that helps me overcome my problem. A lot of the information seems to either describe what a CORS error is without offering a solution or provides examples mime types,or fetch commands which are not relevant to this (as far as I know).
If you are running a webapp that is at http://localhost:5000/myApp. How then can my code import external JavaScript modules without triggering the CORS errors?
What I am seeing many times over in the console of Firefox's is three likely related errors:
Loading module from “https://cdn.jsdelivr.net/npm/@interactjs/actions/drag/plugin” was blocked because of a disallowed MIME type (“text/plain”).
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://cdn.jsdelivr.net/npm/@interactjs/actions/drag/plugin. (Reason: CORS request did not succeed). Status code: (null).
Module source URI is not allowed in this document: “https://cdn.jsdelivr.net/npm/@interactjs/actions/drag/plugin”.
I'm posting here out of desperation, as I have spent all day going around in circles and have not been able to find anything related to my problem on StackOverflow or elsewhere.
答案1
得分: 2
@interactjs/interactjs
模块不适合通过 CDN 使用 - 你可能想要的是 interactjs(去掉前面的 @
),因为看起来这些有命名空间的版本实际上是为内部和构建时使用而设计的。如果你只需要 drag
,你可以从 它们的 CDN 获取:import 'https://cdn.interactjs.io/v1.9.20/actions/drag/index.js'
。
英文:
The @interactjs/interactjs
module isn't meant to be used over a CDN — you probably want interactjs (without the leading @
), because it looks like the namespaced versions are really meant for internal and build-time use. If you just need drag
, you can get that from their CDN: import 'https://cdn.interactjs.io/v1.9.20/actions/drag/index.js'
.
通过集体智慧和协作来改善编程学习和解决问题的方式。致力于成为全球开发者共同参与的知识库,让每个人都能够通过互相帮助和分享经验来进步。
评论