访问控制允许起源错误..(使用cordova)

问题描述:

我正在尝试连接服务器和客户端。(混合应用程序!使用cordova)
但是Access-Control-Allow-Origin错误..so我下载了chrome扩展程序cors ..但不起作用..

I'm trying to web server and client..(Hybrid app! using cordova) But Access-Control-Allow-Origin error..so I downloaded chrome extension program cors.. but doesn't working..

[server.js]

[server.js]

var app = require('express')();
var http = require('http').Server(app);
var cors = require('cors');
var io = require('socket.io')(http);

// io.set('origins','*:*');

io.on('connection', function(socket){
  console.log('a user connected');
  socket.on('weather_location', function(msg){
    socket.emit('message', msg);
  })
});

http.listen(80, function(){
  console.log('listening on *:3737');
});

[index.html]

[index.html]

<!DOCTYPE html>

<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta name="viewport" content="initial-scale=1.0, user-scalable=no">
<meta http-equiv="Access-Control-Allow-Origin" content="*">
<html>
<head>
    <title>location_weather</title>
    <script src="http://code.jquery.com/jquery-1.11.0.min.js"></script>
    <script src="http://code.jquery.com/jquery-migrate-1.2.1.min.js"></script>
    <!-- <script type='text/javascript' src='/socket.io/socket.io.js'></script>   -->
    <script src="https://cdnjs.cloudflare.com/ajax/libs/socket.io/2.1.0/socket.io.slim.js"/>
    <!-- <script type="text/javascript" src="./js/socket.io.js"/> -->
    <script type="text/javascript" src="https://openapi.map.naver.com/openapi/v3/maps.js?clientId=irru1vaga0dOPnfgy29o&submodules=geocoder"></script>  
 <!--    <meta http-equiv="Content-Security-Policy" content="default-src 'self' data: gap: https://ssl.gstatic.com 'unsafe-eval'; style-src 'self' 'unsafe-inline'; media-src *; connect-src ws://example.com wss://example.com"> -->
</head>
<body>
    <button id="weatherBtn" onclick="weather_location();">클릭</button>
</body>

</html> 


<script>
    var socket = io.connect('http://202.31.200.138:80');
    //var socket = io();ttp
    $(function (){
        //var socket = io.connect('http://202.31.200.138:3330');

        socket.on('message', function(data){
            console.log(data);
            alert(data);
        });

    });

    function weather_location(){
        alert("hello");
        socket.emit('weather_location','message');
    }
    // function location_weather(){
    //  if(navigator.geolocation){
    //      navigator.geolocation.getCurrentPosition(function(position){
    //          alert("위도 : " + position.coords.latitude + "tt" + position.coords.longitude);
    //      }, function(error){
    //          console.error(error);
    //      },{
    //          enableHighAccuracy : false, 
    //          maximumAge : 0, 
    //          timeout : Infinity
    //      });
    //      socket.emit('weather_location',position.coords.latitude );
    //  } else {
    //      alert("GPS를 지원하지 않습니다.");
    //  }

    //      //return false;
    // }


</script>

[错误]

当请求的凭据模式为 include时,响应中的 Access-Control-Allow-Origin标头不得为通配符 *。因此,不允许访问原始 null。 XMLHttpRequest发起的请求的凭据模式由withCredentials属性控制。

The value of the 'Access-Control-Allow-Origin' header in the response must not be the wildcard '*' when the request's credentials mode is 'include'. Origin 'null' is therefore not allowed access. The credentials mode of requests initiated by the XMLHttpRequest is controlled by the withCredentials attribute.

请帮助我...

您需要添加白名单插件

https://github.com/apache/cordova-plugin-whitelist

在config.xml中添加

In config.xml add

<!-- will not stop any calls -->
<access origin="*" />