Question

我试图用一个https CORS AJAX从 jQuery到Node.js进程。然而,每当发出呼吁时, Chrome就在圣殿:<条码>通过 http:// localhost/ 净额:ERR_INSECURE_RESPONSE。

https://stackoverflow.com/questions/11690191/ Cross-domain-request- from-https-aborts-immediately> Stack Overflow question,如果我进口自己签署的证书I,我就应当能够打上十字路口。因此,我把ert子进口到 Chrome。我可以看到“ Chrome”管理证书在当局下签名。但是,当我尝试阿盟教团的呼吁时,它仍然失败。

This is how I made the private key: openssl genrsa -out domain.key 4096

Now:

openssl req -x509 -sha512 -nodes -newkey rsa:4096 -keyout domain.key -out domain.crt

就通用名称而言,我把计算机的IP地址这样说, Chrome不会抱怨URL错配。

页: 1

<!DOCTYPE html>
<html>
  <title>BlackBox</title>
  <head>
    <meta charset="utf-8">
    <script src="jquery-1.11.2.min.js"></script>
    <script src="bootstrap-3.3.4-dist/js/bootstrap.min.js"></script>
    <script src="login.js"></script>
  </head>
  <body>
    <div class="container-fluid">
      <div class="row">
        <div class=col-md-4>
          <h2> Welcome to BlackBox</h2>
          <label>username</label>
          <input type="text" name="username" id="username">
          <label>password</label>
          <input type ="text" name="password" id="password">
          <input type="button" id="loginbtn" value="Login"/>
          <div class="container">
            <div class="row">
              <div class="out"></div>
            </div>
          </div>
        </div>
      </div>
     </div>
   </body>
 </html>

这就是 Java语与超文本。

 $(document).ready(function() {
   $( #loginbtn ).click(clickLogin);
     function clickLogin() {
       var username = $( #username ).val();
       var password = $( #password ).val();
       if(password ==    || username ==   ) {
         $(".out").html("Empty username or password");
         } else {
         $.ajax({
           type: "PUT",
           url: "https://localhost/",
           contentType: "application/json",
           data: JSON.stringify({
             username: username,
             password: password,
           }),
           dataType: "text",
       })
     }
   };
 });

最后,这里是“诺德”进程,它既为“超文本”和“贾瓦文”服务,也为接收“非洲复兴共和与民主军”电话提供了动力。

const fs = require("fs");
const http = require( http );
const https = require( https );

var loginPage = fs.readFileSync( login.html );
var loginPageJs = fs.readFileSync( login.js );
var jquery = fs.readFileSync( jquery-1.11.2.js );
var bootstrap = fs.readFileSync( bootstrap-3.3.4-dist/js/bootstrap.min.js )

var options = {
  key: fs.readFileSync( domain.key ),
  cert: fs.readFileSync( domain.crt )
};

http.createServer(function(req, res) {  
  res.writeHead(301, {Location:  https:192.168.1.58/ })
  res.end();
}).listen(80);

https.createServer(options, function(req, res) {

  if(req.method ===  GET  && req.url ===  / ) {
  res.writeHead(200, "OK", { Content-Type :  text/html });
  res.write(loginPage);
  res.end();
} else if(req.method ===  GET  && req.url ===  /login.js ) {
  res.writeHead(200, "OK", { Content-Type :  application/javascript });
  res.write(loginPageJs);
  res.end();
} else if(req.method ===  GET  && req.url ===  /jquery-1.11.2.js ) {
  res.writeHead(200, "OK", { Content-Type :  application/javascript });
  res.write(jquery);
  res.end();
} else if(req.method ===  GET  && req.url ===  /bootstrap-3.3.4-     dist/js/bootstrap.min.js ) {
  res.writeHead(200, "OK", { Content-Type :  application/javascript });
  res.write(bootstrap);
  res.end();
} else if(req.method === "OPTIONS" && req.url ===  / ) {
  res.writeHead(204, "No Content", {
    "access-control-allow-origin": origin,
    "access-control-allow-methods": "GET, POST, PUT, DELETE, OPTIONS",
    "access-control-allow-headers": "content-type, accept",
    "access-control-max-age": 10,
    "content-length": 0
  });

  var requestBodyBuffer = [];

  req.on("data", function(chunk) {
    requestBodyBuffer.push(chunk);
  })

  req.on("end", function() {
    var requestBody = requestBodyBuffer.join("");
    var obj = JSON.parse(requestBody);
    if(obj.hasOwnProperty( username ) && obj.hasOwnProperty( password ))  {
      console.log(obj.username);
      console.log(obj.password);
    }
  })
 }

}).listen(443);

Answer 1

最近,我写了一份供谁看的书,我也有这个问题,但最后,在检查所有可能性之后,我的工作是正确的。

this is a helpful article for generating self-signed certificates :

https://www.dataalocean.com/ community/tutorials/openssl-essentials-working-with-sl-certificates- private-keys-and-csrs”rel=“nofollow”>https://www.dataalocean.com/ community/tutorials/opensl-essentials-working-with-sl-certificates- private-keys-and-csrs

* Comment s In Code Will Help You **

index.js Code :

 function checkAvailability(domainParsed) {

        $.ajax({
            method : "GET",
            url : "https://localhost:55555/check", // Pay attention To This Line 
                            "Content-Type" : "application/json",
            data : {domain : domainParsed , array : postFixesArray } 

            }).done(function(data) {
                    availableDomanisToShow = data.availableDomains;
                    registeredDomanisToShow = data.registeredDomains;
            });

    }

server.js Code :

var bodyParser = require("body-parser") ;
var unirest = require( unirest );
var https = require( https );
var http = require( http );
var fs = require( fs );
var express = require( express );
var app = express();

var registeredDomains = [];
var availableDomains = [];
var counter = 0 , i = 0;

app.use(bodyParser.json({ type:  application/json })) ;
app.use(bodyParser.urlencoded({ extended:true })) ;

app.use(function(req, res, next) {
    res.header("Access-Control-Allow-Origin", "*"); // Pay attention To This Line --> Cross domain request
    res.header("Access-Control-Allow-Headers", "Origin, X-Requested-With, Content-Type, Accept"); // Pay attention To This Line --> Cross domain request
    next();
});

app.use("/check",function(req,resp,next) {

   var fqdn,postfix;

   availableDomains = [];
   registeredDomains = []

   while( i < req.query.array.length) {
            fqdn = req.query.domain + req.query.array[i];
            postfix = req.query.array[i];
            checkAvailability(fqdn,postfix,req.query.array.length);
            console.log(req.query.array.length)
            i++;
   }

   function checkAvailability(domain,postfix,length) {
        unirest.get( https://jsonwhois.com/api/v1/whois ).headers({
                 Accept :  application/json ,
                 Authorization :  Token token=238d7da7fac57882a176cb14411d781a 
            }).query({
                "domain" :  domain
            }).end(function(response) {
                console.log(domain , response.body[ available? ]);
                if(true != response.body[ available? ]) {
                    registeredDomains.push(postfix);
                    counter++;
                    if(counter == length) {
                            counter = 0 ;
                            i = 0;
                            resp.json( { "registeredDomains" : registeredDomains , "availableDomains" : availableDomains } );                   
                    }
                }
                else  {
                    availableDomains.push(postfix);
                    counter++;
                    if(counter == length) {
                            counter = 0 ;
                            i = 0;
                            resp.json( { "registeredDomains" : registeredDomains , "availableDomains" : availableDomains } );
                    }
            }
       });
    }
});



 https.createServer({
  key: fs.readFileSync( key.pem ),
  cert: fs.readFileSync( cert.pem )
 }, app).listen(55555);

 http.createServer(app).listen(8000);
 console.log("httpsServer are Listening on " + 55555);
 console.log("httpServer are Listening on " + 8000);

Answer 2

为了测试/发展的目的,你也可以说出可以消除的ium安全。

• run/gogle chrome用以下论点取代用户数据,代之以你的书目,或如果你只需要一个枪弹配置,则代之以/格式

chromium-browser --allow-running-insecure-content --disable-web-security --user-data-dir=~/.config/chromium/Default

this is a helpful article for generating self-signed certificates :

*** Comment s In Code Will Help You ****

index.js Code :

server.js Code :

友情链接

* Comment s In Code Will Help You **