你好,这是我在这里的第一篇文章!
几天来我一直在尝试调试这个问题,但无法弄清楚。 当我向 Rails api 发出发布请求时,我收到了这个我以前从未见过的错误:
Started POST "/owners" for ::1 at 2021-01-12 11:24:15 -0500
(1.0ms) SELECT "schema_migrations"."version" FROM "schema_migrations" ORDER BY "schema_migrations"."version" ASC
Processing by OwnersController#create as */*
Parameters: {"email"=>"adam", "password"=>"[FILTERED]", "owner"=>{"email"=>"adam"}}
HTTP Origin header (http://localhost:3000) didn't match request.base_url (http://localhost:3001)
Completed 422 Unprocessable Entity in 0ms (ActiveRecord: 1.8ms | Allocations: 476)
ActionController::InvalidAuthenticityToken (ActionController::InvalidAuthenticityToken):
就像我说的,我以前从未见过这种情况,我也不知道我是怎么造成的。我没有使用代理服务器,我在这个项目中尝试的唯一可能搞砸的新东西是我安装了设计 gem,但决定不使用它并删除了它。
我尝试过的事情:
确保我没有挂起的迁移:
检查我的路线:
Rails.application.routes.draw do
resources :owners
resources :dogs
post 'login', to: 'sessions#create'
end
然后我认为这可能是cors问题:
require_relative 'boot'
require 'rails/all'
# Require the gems listed in Gemfile, including any gems
# you've limited to :test, :development, or :production.
Bundler.require(*Rails.groups)
module Backend
class Application < Rails::Application
# Initialize configuration defaults for originally generated Rails version.
config.load_defaults 6.0
# Settings in config/environments/* take precedence over those specified here.
# Application configuration can go into files in config/initializers
# -- all .rb files in that directory are automatically loaded after loading
# the framework and any gems in your application.
config.api_only = true
config.middleware.insert_before 0, Rack::Cors do
allow do
origins '*'
resource(
'*',
headers: :any,
methods: [:get, :patch, :put, :delete, :post, :options, :head]
)
end
end
end
end
然后我尝试用谷歌搜索有关无效的真实性 token 和 http 源 header 的内容,但找不到有用的解决方案或我能理解的解决方案。
(最后说明:我尝试将其从发布请求更改为获取请求并且它有效但发布会导致错误)
提前感谢您的任何建议
最佳答案
在我的例子中,问题出在虚拟主机的 Nginx 设置上。 在以下位置找到了答案:https://github.com/rails/rails/issues/22965#issuecomment-169956605
Fix by adding more headers in Nginx (X-Forwarded-Ssl on, X-Forwarded-Port 443 and X-Forwarded-Host hostname)
这是编辑后的部分:
location @app {
proxy_pass http://app;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header Host $http_host;
proxy_redirect off;
}
关于ruby-on-rails - 为什么我的 HTTP Origin header 与 request.base_url 不匹配以及如何修复?,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/65688157/