流明:启用CORS [英] Lumen: Enable CORS
问题描述
我使用Lumen构建了一个API,并希望使用JavaScript和XMLHttpRequest对象进行访问.但是每次我的PUT,GET,POST和DELETE请求都转换为 OPTIONS-Request 时.我读了很多有关CORS信息的网站.我用以下内容构建中间件:
I built an API with Lumen and want to access it with JavaScript and the XMLHttpRequest object. But every time my PUT, GET, POST, and DELETE requests are transformed into OPTIONS - Request. I read a lot of websites with information of CORS. I build middleware with the following content:
class CORSMiddleware
{
public function handle($request, \Closure $next)
{
$response = null;
/* Preflight handle */
if ($request->isMethod('OPTIONS')) {
$response = new Response();
} else {
$response = $next($request);
}
$response->header('Access-Control-Allow-Methods', 'OPTIONS, HEAD, GET, POST, PUT, DELETE');
$response->header('Access-Control-Allow-Headers', $request->header('Access-Control-Request-Headers'));
$response->header('Access-Control-Allow-Origin', '*');
return $response;
}
}
我的客户代码:
var url = "http://localhost:8000/api/user";
var xmlHttpRequest = new XMLHttpRequest();
xmlHttpRequest.open('PUT', url, false);
xmlHttpRequest.send('{"username": "ABC", "password": "ABC","email": "mail@cool.xyz" }');
if (xmlHttpRequest.status == 200) {
console.log(xmlHttpRequest.responseText);
}
我的GET请求的请求信息:
My request-information of GET request:
Host: localhost:8000
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: de,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Origin: null
Connection: keep-alive
Cache-Control: max-age=0
我对GET请求的响应信息:
My response-information of a GET request:
Access-Control-Allow-Methods: OPTIONS, HEAD, GET, POST, PUT, DELETE
Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Date: Sun, 27 Dec 2015 10:36:51 GMT
Host: localhost:8000
x-powered-by: PHP/7.0.0
我对PUT请求的请求信息:
My request-information of a PUT request:
Host: localhost:8000
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:43.0) Gecko/20100101 Firefox/43.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: de,en-US;q=0.7,en;q=0.3
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: PUT
Origin: null
Connection: keep-alive
Cache-Control: max-age=0
我对PUT请求的响应信息:
My response information of a PUT request:
Cache-Control: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
Date: Sun, 27 Dec 2015 10:36:51 GMT
Host: localhost:8000
x-powered-by: PHP/7.0.0
在预检中没有"Access-Control-Allow- *"标题.我不知道为什么;我通过lumen-cors-middleware启用了它.
In the preflight there are no "Access-Control-Allow-*"-Headers. I don't know why; I enabled it with my lumen-cors-middleware.
推荐答案
将以下标头添加到public/.htaccess文件中.
Add following headers into public/.htaccess file.
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods "GET,POST,PUT,DELETE,OPTIONS"
Header set Access-Control-Allow-Credentials "true"
这对于解决跨源问题"非常有用.
this is working fine for to resolve Cross Origin Issue.
这篇关于流明:启用CORS的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!