Google API 网关 Cors Headers 使用选项请求
Google API gateway Cors Headers Use options request
在我的应用程序引擎实例前面实施 api 网关后,我遇到了一个问题,指出请求因 CORS header 而被阻止。在线搜索后,我发现 API 网关不提供设置 CORS 策略的方法,但它也会“覆盖”我的单个 back-end 应用程序发送的 header。我是否需要实施负载平衡器来设置额外的 Header 或是否有避免覆盖的方法?
API 示例:
paths:
"/login":
post:
description: "Login into the service"
operationId: "login"
x-google-backend:
address: https://project-id.oa.r.appspot.com/api/v1/login
produces:
- "application/json"
responses:
200:
description: "Projects retrieved successfully"
schema:
$ref: "#/definitions/access_token"
401:
description: "Wrong password"
schema:
type: "string"
404:
description: "User not exists"
schema:
type: "string"
parameters:
- in: body
name: user
description: The user to create.
schema:
type: object
required:
- userName
properties:
userName:
type: string
firstName:
type: string
lastName:
type: string
经过大量尝试,我发现了一个比在网关前面实现负载均衡器更简单的解决方案:
要使用 back-end 应用程序提供的 CORS headers,只需将 OPTIONS 请求添加到 API 以避免 headers 被覆盖。所以,给定登录 API 我只需要像这样添加请求:
paths:
"/login":
post:
description: "Login into the service"
operationId: "login"
x-google-backend:
address: https://project-id.oa.r.appspot.com/api/v1/login
produces:
- "application/json"
responses:
200:
description: "Projects retrieved successfully"
schema:
$ref: "#/definitions/access_token"
401:
description: "Wrong password"
schema:
type: "string"
404:
description: "User not exists"
schema:
type: "string"
parameters:
- in: body
name: user
description: The user to create.
schema:
type: object
required:
- userName
properties:
userName:
type: string
firstName:
type: string
lastName:
type: string
options:
description: "Cors associated request to login"
operationId: "login cors"
x-google-backend:
address: https://project-id.oa.r.appspot.com/api/v1/login
responses:
200:
description: "Allow"
401:
description: "Cors not allowed"
在我的应用程序引擎实例前面实施 api 网关后,我遇到了一个问题,指出请求因 CORS header 而被阻止。在线搜索后,我发现 API 网关不提供设置 CORS 策略的方法,但它也会“覆盖”我的单个 back-end 应用程序发送的 header。我是否需要实施负载平衡器来设置额外的 Header 或是否有避免覆盖的方法?
API 示例:
paths:
"/login":
post:
description: "Login into the service"
operationId: "login"
x-google-backend:
address: https://project-id.oa.r.appspot.com/api/v1/login
produces:
- "application/json"
responses:
200:
description: "Projects retrieved successfully"
schema:
$ref: "#/definitions/access_token"
401:
description: "Wrong password"
schema:
type: "string"
404:
description: "User not exists"
schema:
type: "string"
parameters:
- in: body
name: user
description: The user to create.
schema:
type: object
required:
- userName
properties:
userName:
type: string
firstName:
type: string
lastName:
type: string
经过大量尝试,我发现了一个比在网关前面实现负载均衡器更简单的解决方案:
要使用 back-end 应用程序提供的 CORS headers,只需将 OPTIONS 请求添加到 API 以避免 headers 被覆盖。所以,给定登录 API 我只需要像这样添加请求:
paths:
"/login":
post:
description: "Login into the service"
operationId: "login"
x-google-backend:
address: https://project-id.oa.r.appspot.com/api/v1/login
produces:
- "application/json"
responses:
200:
description: "Projects retrieved successfully"
schema:
$ref: "#/definitions/access_token"
401:
description: "Wrong password"
schema:
type: "string"
404:
description: "User not exists"
schema:
type: "string"
parameters:
- in: body
name: user
description: The user to create.
schema:
type: object
required:
- userName
properties:
userName:
type: string
firstName:
type: string
lastName:
type: string
options:
description: "Cors associated request to login"
operationId: "login cors"
x-google-backend:
address: https://project-id.oa.r.appspot.com/api/v1/login
responses:
200:
description: "Allow"
401:
description: "Cors not allowed"