能够在.htaccess CORS [英] enable cors in .htaccess
问题描述
我创建了一个基本的RESTful服务与SLIM PHP框架,现在我试图连线起来,这样我可以从Angular.js项目访问该服务。我已阅读,角支持CORS开箱和所有我需要做的是加入这一行:标题设置访问控制 - 允许 - 起源*
我的。 htaccess文件。
I have created a basic RESTful service with the SLIM PHP framework and now I'm trying to wire it up so that I can access the service from an Angular.js project. I have read that Angular supports CORS out of the box and all I needed to do was add this line: Header set Access-Control-Allow-Origin "*"
to my .htaccess file.
我这样做,我的REST应用仍然是工作(从坏的.htaccess没有500内部服务器错误),但是当我尝试从的 test-cors.org 它抛出一个错误。
I've done this and my REST application is still working (no 500 internal server error from a bad .htaccess) but when I try to test it from test-cors.org it is throwing an error.
Fired XHR event: loadstart
Fired XHR event: readystatechange
Fired XHR event: error
XHR status: 0
XHR status text:
Fired XHR event: loadend
我的.htaccess文件看起来像这样
My .htaccess file looks like this
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ /index.php [QSA,L]
Header set Access-Control-Allow-Origin "*"
Header set Access-Control-Allow-Methods: "GET,POST,OPTIONS,DELETE,PUT"
有没有别的东西,我需要添加到我的.htaccess得到这个正常工作,或有另一种方式,以我的服务器上启用CORS?
Is there something else I need to add to my .htaccess to get this to work properly or is there another way to enable CORS on my server?
推荐答案
自从我拥有了一切被转发反正到index.php我想我会尝试的.htaccess文件中设置PHP中的标题,而不是和它的工作!好极了!这是我加什么的index.php其他任何人有这个问题。
Since I had everything being forwarded to index.php anyway I thought I would try setting the headers in PHP instead of the .htaccess file and it worked! YAY! Here's what I added to index.php for anyone else having this problem.
// Allow from any origin
if (isset($_SERVER['HTTP_ORIGIN'])) {
header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
header('Access-Control-Allow-Credentials: true');
header('Access-Control-Max-Age: 86400'); // cache for 1 day
}
// Access-Control headers are received during OPTIONS requests
if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']))
header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS");
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");
}
归功于slashingweapon他的回答在这个问题
由于我使用的是修身我加入这条路线,使OPTIONS请求得到一个HTTP 200响应
Because I'm using Slim I added this route so that OPTIONS requests get a HTTP 200 response
// return HTTP 200 for HTTP OPTIONS requests
$app->map('/:x+', function($x) {
http_response_code(200);
})->via('OPTIONS');
这篇关于能够在.htaccess CORS的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!