node.js 如何在 AngularJS 中使用 HTTPS?
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/18839524/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How can I use HTTPS in AngularJS?
提问by Dick Van Ocampo
I am using AngularJS, $resource& $httpand working with apis, however due to security reason I need to make an HTTPS request (work under the HTTPS protocol).
我正在使用 AngularJS$resource和 &$http并使用apis,但是由于安全原因,我需要发出 HTTPS 请求(在 HTTPS 协议下工作)。
What's the way to use httpsin AngularJS.
https在 AngularJS 中使用的方式是什么。
Thanks for your help.
谢谢你的帮助。
回答by craigb
Use the $httpapi as you would normally:
$http像往常一样使用api:
$http.get('/someUrl').success(successCallback);
if your app is being served over HTTPS then any calls you are making are to the same host/port etc so also via HTTPS.
如果您的应用程序通过 HTTPS 提供服务,那么您所做的任何调用都将通过 HTTPS 发送到相同的主机/端口等。
If you use the full URIs for your requests e.g. $http.get('http://foobar.com/somePath')then you will have to change your URIs to use https
如果您对请求使用完整的 URI,例如,$http.get('http://foobar.com/somePath')那么您将不得不更改您的 URI 以使用https
回答by Danil
For some reason Angular would send all requests over HTTP if you don't have a tailing / at the end of your requests. Even if the page itself is served through HTTPS.
出于某种原因,如果您的请求末尾没有尾随 /,Angular 会通过 HTTP 发送所有请求。即使页面本身是通过 HTTPS 提供的。
For example:
例如:
$http.get('/someUrl').success(successCallback); // Request would go over HTTP even if the page is served via HTTPS
But if you add a leading / everything would work as expected:
但是,如果您添加前导 / 一切都会按预期工作:
$http.get('/someUrl/').success(successCallback); // This would be sent over HTTPS if the page is served via HTTPS
EDIT: The root cause of this problem is that Angular looks at the actual headers from the server. If you have an incorrect internal pass of http data through https there will still be http headers and Angular would use them if you do not add / at the end. i.e. If you have an NGINX serving content through https, but passing requests to Gunicorn on the backend via http, you might have this issue. The way to fix that is to pass the correct headers to Gunicorn, so your framework would be under the impression of being served via https. In NGINX you can do this with the following line:
编辑:此问题的根本原因是 Angular 查看来自服务器的实际标头。如果您通过 https 内部传递的 http 数据不正确,那么仍然会有 http 标头,如果您没有在末尾添加 /,Angular 会使用它们。即如果你有一个通过 https 提供内容的 NGINX,但通过 http 将请求传递给后端的 Gunicorn,你可能会遇到这个问题。解决这个问题的方法是将正确的标头传递给 Gunicorn,这样您的框架就会给人一种通过 https 提供服务的印象。在 NGINX 中,您可以使用以下行执行此操作:
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Proto $scheme;
回答by Cork
I've recently run into similar issues using Angular 1.2.26, but only when interacting through a load-balancer - which may be stripping https-related headers...not sure of cause yet. I've resorted to this:
我最近在使用 Angular 1.2.26 时遇到了类似的问题,但只有在通过负载平衡器进行交互时才会出现 - 这可能会剥离与 https 相关的标头......还不确定原因。我求助于这个:
uri = $location.protocol() + "://" + $location.host() + "/someUrl"
You might want to add $location.port() also if using a non-standard port.
如果使用非标准端口,您可能还想添加 $location.port() 。
