1. Cross-origin access

See the Alibaba Cloud API Gateway solution for cross-origin access.

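Note: the OPTIONS request becomes very important in the following scenarios:

    1. The app can reach the API, but a web page calling the same API reports a CORS problem.
    1. The OPTIONS request is set up and its response looks fine, but the actual API request that follows it fails. The symptom is that the call returns no information at all; the response is completely blank.
    1. The OPTIONS response must set each of the allow headers to *; they cannot be set arbitrarily.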

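Note:

All OPTIONS requests made by 地球号 are forwarded to the Function Compute function dua_options. All this function does is return a few allow headers for the gateway to pass on to the front end.

Implementing CORS (cross-origin resource sharing) in API Gateway

By default, API Gateway allows cross-origin access to all APIs. If the response from the user's API backend service returns nothing special, API Gateway returns the headers that allow cross-origin access from all origins. Here is an example:

Client API request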

GET /simple HTTP/1.1
Host: www.alibaba.com
origin: http://www.aliyun.com
content-type: application/x-www-form-urlencoded; charset=utf-8
accept: application/json; charset=utf-8
date: Mon, 18 Sep 2017 09:53:23 GMT

Backend service response

HTTP/1.1 200 OK
Date: Mon, 18 Sep 2017 09:53:23 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 12

{"200","OK"}

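Implementing preflight request mode

API Gateway lets users create an API whose method is OPTIONS, and passes the backend service's OPTIONS response through to the client. Create a new API with the method OPTIONS; the rest of the definition is the same as for a normal API, with two points to note:

When defining the API authentication method, choose no authentication.

Figure: Choose no authentication

Set PATH to / and match all sub-paths. Select OPTIONS as the method.

Figure: Choose no authentication

When defining the API request, set the path to / and match all sub-paths. Select OPTIONS as the method; the API Gateway console then sets the request mode to pass-through by default and this cannot be changed, so the user does not need to define request parameters; this is the definition of an API whose method is OPTIONS.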

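Users can create one OPTIONS-method API under each API group to define the cross-origin resource policy for the domain names bound to that group of APIs. Users can test how their cross-origin API responds with curl. Below is an example of a request to an OPTIONS API that has already been defined:

curl -X OPTIONS -H "Access-Control-Request-Method:POST" -H "Access-Control-Request-Headers:X-CUSTOM-HEADER" http://ec12ac094e734544be02c928366b7b26-cn-qingdao.alicloudapi.com/optinstest -i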
HTTP/1.1 200 OK
Server: Tengine
Date: Sun, 02 Sep 2018 15:32:19 GMT
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
Access-Control-Allow-Headers: X-CUSTOM-HEADER
Access-Control-Max-Age: 172800
X-Ca-Request-Id: 1016AC86-E345-405C-8049-A6C24078F65F

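One thing to note when implementing an OPTIONS-method API: API Gateway modifies the backend service's response by adding four CORS headers (Access-Control-Allow-Origin, Access-Control-Allow-Methods, Access-Control-Allow-Headers, Access-Control-Max-Age). The backend service's response must return all of the CORS headers in order to override the API Gateway default CORS headers.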

Function Compute Python implementation for OPTIONS

# -*- coding: utf-8 -*-


def handler(event, context):
    # CORS headers returned for every OPTIONS (preflight) request. The gateway
    # passes them through to the browser, overriding its own default values.
    headers = {
        "Access-Control-Allow-Origin": "*",
        "Access-Control-Allow-Methods": "GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH",
        "Access-Control-Allow-Headers": "*",
        "Access-Control-Max-Age": 172800,
    }
    # Response structure handed back to API Gateway.
    ret = {
        "isBase64Encoded": False,
        "statusCode": 200,
        "headers": headers,
        "body": None,
    }
    return ret

Note that Access-Control-Allow-Headers must be *, which means that many headers are allowed.
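A variant of the handler above that answers the preflight with an allowlisted origin instead of `*`, so that pages on unlisted sites do not pass the browser's CORS check; it produces the same kind of restricted backend response used in the preflight example on this page. This is an added example, not code from the original page: the allowlist contents and the shape of `event` (a JSON document carrying a `headers` map) are assumptions.

```python
import json

# Hypothetical allowlist (assumption): the front-end origins that may call the API.
ALLOWED_ORIGINS = ("http://www.aliyun.com",)
ALLOWED_METHODS = "GET,POST"
ALLOWED_HEADERS = "Content-Type,X-CUSTOM-HEADER"


def cors_headers(request_headers):
    """Return all four CORS headers for a preflight request.

    All four are always present because, per the page, API Gateway adds its
    own permissive defaults unless the backend response overrides them.
    """
    # HTTP header names are case-insensitive; normalise before the lookup.
    lowered = {k.lower(): v for k, v in (request_headers or {}).items()}
    origin = lowered.get("origin", "")
    # An unlisted origin gets the canonical allowed origin back, never "*"
    # and never its own value, so the browser's origin comparison fails.
    allow_origin = origin if origin in ALLOWED_ORIGINS else ALLOWED_ORIGINS[0]
    return {
        "Access-Control-Allow-Origin": allow_origin,
        "Access-Control-Allow-Methods": ALLOWED_METHODS,
        "Access-Control-Allow-Headers": ALLOWED_HEADERS,
        "Access-Control-Max-Age": "10000",
        # The response now depends on Origin, so caches must key on it.
        "Vary": "Origin",
    }


def handler(event, context):
    # Assumed event shape: JSON (bytes or str) with a "headers" object.
    request = json.loads(event) if isinstance(event, (bytes, str)) else event
    return {
        "isBase64Encoded": False,
        "statusCode": 200,
        "headers": cors_headers(request.get("headers")),
        "body": None,
    }
```

The business APIs need the same headers in their own responses, because the gateway's default `Access-Control-Allow-Origin: *` applies whenever the backend does not override it.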

Below is a complete example of the requests and responses in preflight request mode.

Client API request with method OPTIONS

OPTIONS /simple HTTP/1.1
Host: www.alibaba.com
origin: http://www.aliyun.com
Access-Control-Request-Method: POST
Access-Control-Request-Headers: X-PINGOTHER, Content-Type
accept: application/json; charset=utf-8
date: Mon, 18 Sep 2017 09:53:23 GMT

Backend service response

HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://www.aliyun.com
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Headers: X-CUSTOM-HEADER
Access-Control-Max-Age: 10000
Date: Mon, 18 Sep 2017 09:53:23 GMT
Content-Type: application/json; charset=UTF-8

API Gateway response

HTTP/1.1 200 OK
Access-Control-Allow-Origin: http://www.aliyun.com
Access-Control-Allow-Methods: GET,POST
Access-Control-Allow-Headers: X-CUSTOM-HEADER
Access-Control-Max-Age: 10000
X-Ca-Request-Id: 104735BD-8968-458F-9929-DBFA43F324C6
Date: Mon, 18 Sep 2017 09:53:23 GMT
Content-Type: application/json; charset=UTF-8

Client sends the normal business request

GET /simple HTTP/1.1
Host: www.alibaba.com
origin: http://www.aliyun.com
content-type: application/x-www-form-urlencoded; charset=utf-8
accept: application/json; charset=utf-8
date: Mon, 18 Sep 2017 09:53:23 GMT

Backend service response

HTTP/1.1 200 OK
Date: Mon, 18 Sep 2017 09:53:23 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 12

{"200","OK"}

API Gateway response

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,PUT,DELETE,HEAD,OPTIONS,PATCH
Access-Control-Allow-Headers: X-Requested-With,X-Sequence,X-Ca-Key,X-Ca-Secret,X-Ca-Version,X-Ca-Timestamp,X-Ca-Nonce,X-Ca-API-Key,X-Ca-Stage,X-Ca-Client-DeviceId,X-Ca-Client-AppId,X-Ca-Signature,X-Ca-Signature-Headers,X-Forwarded-For,X-Ca-Date,X-Ca-Request-Mode,Authorization,Content-Type,Accept,Accept-Ranges,Cache-Control,Range,Content-MD5
Access-Control-Max-Age: 172800
X-Ca-Request-Id: 104735BD-8968-458F-9929-DBFA43F324C6
Date: Mon, 18 Sep 2017 09:53:23 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 12

{"200","OK"}
