小贝子编程

Rails 服务器启动错误.请指定更严格的源 CORS 配置



当我尝试在Ubuntu中启动rails服务器时出错。(命令'sudo rails server')

我尝试更改本地化设置。删除管理面板设置中的默认语言。

Exiting
/var/lib/gems/2.3.0/gems/rack-cors-1.0.2/lib/rack/cors.rb:331:in `initialize': Allowing credentials for wildcard origins is insecure. Please specify more restrictive origins or set 'credentials' to false in your CORS configuration. (Rack::Cors::Resource::CorsMisconfigurationError)
        from /var/lib/gems/2.3.0/gems/rack-cors-1.0.2/lib/rack/cors.rb:291:in `new'
        from /var/lib/gems/2.3.0/gems/rack-cors-1.0.2/lib/rack/cors.rb:291:in `resource'
        from /var/www/myshop/angularspree-api/config/application.rb:43:in `block (2 levels) in <class:Application>'
        from /var/lib/gems/2.3.0/gems/rack-cors-1.0.2/lib/rack/cors.rb:62:in `instance_eval'
        from /var/lib/gems/2.3.0/gems/rack-cors-1.0.2/lib/rack/cors.rb:62:in `allow'
        from /var/www/myshop/angularspree-api/config/application.rb:40:in `block in <class:Application>'
        from /var/lib/gems/2.3.0/gems/rack-cors-1.0.2/lib/rack/cors.rb:47:in `instance_eval'
        from /var/lib/gems/2.3.0/gems/rack-cors-1.0.2/lib/rack/cors.rb:47:in `initialize'
        from /var/lib/gems/2.3.0/gems/actionpack-4.2.6/lib/action_dispatch/middleware/stack.rb:43:in `new'
        from /var/lib/gems/2.3.0/gems/actionpack-4.2.6/lib/action_dispatch/middleware/stack.rb:43:in `build'
        from /var/lib/gems/2.3.0/gems/actionpack-4.2.6/lib/action_dispatch/middleware/stack.rb:118:in `block in build'
        from /var/lib/gems/2.3.0/gems/actionpack-4.2.6/lib/action_dispatch/middleware/stack.rb:118:in `each'
        from /var/lib/gems/2.3.0/gems/actionpack-4.2.6/lib/action_dispatch/middleware/stack.rb:118:in `inject'
        from /var/lib/gems/2.3.0/gems/actionpack-4.2.6/lib/action_dispatch/middleware/stack.rb:118:in `build'
        from /var/lib/gems/2.3.0/gems/railties-4.2.6/lib/rails/engine.rb:502:in `app'
        from /var/lib/gems/2.3.0/gems/railties-4.2.6/lib/rails/application/finisher.rb:34:in `block in <module:Finisher>'
        from /var/lib/gems/2.3.0/gems/railties-4.2.6/lib/rails/initializable.rb:30:in `instance_exec'
        from /var/lib/gems/2.3.0/gems/railties-4.2.6/lib/rails/initializable.rb:30:in `run'
        from /var/lib/gems/2.3.0/gems/railties-4.2.6/lib/rails/initializable.rb:55:in `block in run_initializers'
        from /usr/lib/ruby/2.3.0/tsort.rb:228:in `block in tsort_each'
        from /usr/lib/ruby/2.3.0/tsort.rb:350:in `block (2 levels) in each_strongly_connected_component'
        from /usr/lib/ruby/2.3.0/tsort.rb:431:in `each_strongly_connected_component_from'
        from /usr/lib/ruby/2.3.0/tsort.rb:349:in `block in each_strongly_connected_component'
        from /usr/lib/ruby/2.3.0/tsort.rb:347:in `each'
        from /usr/lib/ruby/2.3.0/tsort.rb:347:in `call'
        from /usr/lib/ruby/2.3.0/tsort.rb:347:in `each_strongly_connected_component'
        from /usr/lib/ruby/2.3.0/tsort.rb:226:in `tsort_each'
        from /usr/lib/ruby/2.3.0/tsort.rb:205:in `tsort_each'
        from /var/lib/gems/2.3.0/gems/railties-4.2.6/lib/rails/initializable.rb:54:in `run_initializers'
        from /var/lib/gems/2.3.0/gems/railties-4.2.6/lib/rails/application.rb:352:in `initialize!'
        from /var/www/myshop/angularspree-api/config/environment.rb:5:in `<top (required)>'
        from /var/lib/gems/2.3.0/gems/polyglot-0.3.5/lib/polyglot.rb:65:in `require'
        from /var/lib/gems/2.3.0/gems/polyglot-0.3.5/lib/polyglot.rb:65:in `require'
        from /var/lib/gems/2.3.0/gems/activesupport-4.2.6/lib/active_support/dependencies.rb:274:in `block in require'
        from /var/lib/gems/2.3.0/gems/activesupport-4.2.6/lib/active_support/dependencies.rb:240:in `load_dependency'
        from /var/lib/gems/2.3.0/gems/activesupport-4.2.6/lib/active_support/dependencies.rb:274:in `require'
        from /var/www/myshop/angularspree-api/config.ru:3:in `block in <main>'
        from /var/lib/gems/2.3.0/gems/rack-1.6.8/lib/rack/builder.rb:55:in `instance_eval'
        from /var/lib/gems/2.3.0/gems/rack-1.6.8/lib/rack/builder.rb:55:in `initialize'
        from /var/www/myshop/angularspree-api/config.ru:in `new'
        from /var/www/myshop/angularspree-api/config.ru:in `<main>'
        from /var/lib/gems/2.3.0/gems/rack-1.6.8/lib/rack/builder.rb:49:in `eval'
        from /var/lib/gems/2.3.0/gems/rack-1.6.8/lib/rack/builder.rb:49:in `new_from_string'
        from /var/lib/gems/2.3.0/gems/rack-1.6.8/lib/rack/builder.rb:40:in `parse_file'
        from /var/lib/gems/2.3.0/gems/rack-1.6.8/lib/rack/server.rb:300:in `build_app_and_options_from_config'
        from /var/lib/gems/2.3.0/gems/rack-1.6.8/lib/rack/server.rb:209:in `app'
        from /var/lib/gems/2.3.0/gems/railties-4.2.6/lib/rails/commands/server.rb:61:in `app'
        from /var/lib/gems/2.3.0/gems/rack-1.6.8/lib/rack/server.rb:337:in `wrapped_app'
        from /var/lib/gems/2.3.0/gems/railties-4.2.6/lib/rails/commands/server.rb:139:in `log_to_stdout'
        from /var/lib/gems/2.3.0/gems/railties-4.2.6/lib/rails/commands/server.rb:78:in `start'
        from /var/lib/gems/2.3.0/gems/railties-4.2.6/lib/rails/commands/commands_tasks.rb:80:in `block in server'
        from /var/lib/gems/2.3.0/gems/railties-4.2.6/lib/rails/commands/commands_tasks.rb:75:in `tap'
        from /var/lib/gems/2.3.0/gems/railties-4.2.6/lib/rails/commands/commands_tasks.rb:75:in `server'
        from /var/lib/gems/2.3.0/gems/railties-4.2.6/lib/rails/commands/commands_tasks.rb:39:in `run_command!'
        from /var/lib/gems/2.3.0/gems/railties-4.2.6/lib/rails/commands.rb:17:in `<top (required)>'
        from /var/www/myshop/angularspree-api/bin/rails:9:in `require'
        from /var/www/myshop/angularspree-api/bin/rails:9:in `<top (required)>'
        from /var/lib/gems/2.3.0/gems/spring-2.0.2/lib/spring/client/rails.rb:28:in `load'
        from /var/lib/gems/2.3.0/gems/spring-2.0.2/lib/spring/client/rails.rb:28:in `call'
        from /var/lib/gems/2.3.0/gems/spring-2.0.2/lib/spring/client/command.rb:7:in `call'
        from /var/lib/gems/2.3.0/gems/spring-2.0.2/lib/spring/client.rb:30:in `run'
        from /var/lib/gems/2.3.0/gems/spring-2.0.2/bin/spring:49:in `<top (required)>'
        from /var/lib/gems/2.3.0/gems/spring-2.0.2/lib/spring/binstub.rb:31:in `load'
        from /var/lib/gems/2.3.0/gems/spring-2.0.2/lib/spring/binstub.rb:31:in `<top (required)>'
        from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_require.rb:68:in `require'
        from /usr/lib/ruby/2.3.0/rubygems/core_ext/kernel_require.rb:68:in `require'
        from /var/www/myshop/angularspree-api/bin/spring:15:in `<top (required)>'
        from bin/rails:3:in `load'
        from bin/rails:3:in `<main>'

您收到通配符源错误,这意味着您很可能在 CORS 配置中使用通配符段。尝试为 Cors 指定通配符段时,您必须在配置中使用正则表达式。像这样:

config/application.rb 

config.middleware.use Rack::Cors do
  allow do
    origins /http://(.*?).example.com/
    resource '*', :headers => :any, :methods => [:get, :post, :options]
  end
end

其中将包括子域。参考:https://web-in-security.blogspot.de/2017/07/cors-misconfigurations-on-large-scale.html 有关各种其他错误配置错误的信息。

相关内容

最新更新


热门标签:

javascript python java c# php android html jquery c++ css ios sql mysql arrays asp.net json python-3.x ruby-on-rails .net sql-server django objective-c excel regex ruby linux ajax iphone xml vba spring asp.net-mvc database wordpress string postgresql wpf windows xcode bash git oracle list vb.net multithreading eclipse algorithm macos powershell visual-studio image forms numpy scala function api selenium