Angularjs“访问控制允许来源”使用Laravel CORS [英] Angularjs 'Access-Control-Allow-Origin' using Laravel CORS

问题描述

我刚刚安装Laravel CORS由 barryvdh ，模块正常工作，据我所知，但我似乎仍然面临着访问控制允许来源误差

I have just installed Laravel CORS by barryvdh, the module works fine to my knowledge but i seem to be still facing the Access-Control-Allow-Origin error

XMLHtt prequest无法加载
  的http://acns.example.com:8000/status/d6uIlvwwi8PrvQe4kQfufyZ0LlqQqJyGeyJjdC…I4OTYzMTJlYzYyMmMxOTVkNWI5YjNjYzM1MTczNyIsInMiOiI2ZDcwZDg5N2FkOTQxZDFkIn0=.
  无访问控制允许来源标头的请求present
  资源。因此出身 http://www.example.com:8000 '不是
  允许访问。

XMLHttpRequest cannot load http://acns.example.com:8000/status/d6uIlvwwi8PrvQe4kQfufyZ0LlqQqJyGeyJjdC…I4OTYzMTJlYzYyMmMxOTVkNWI5YjNjYzM1MTczNyIsInMiOiI2ZDcwZDg5N2FkOTQxZDFkIn0=. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://www.example.com:8000' is therefore not allowed access.

下面是我的角度code执行功能：

below is my angular code to execute the function:

var SomeApp = angular.module('SomeApp',['ngResource','ngSanitize'])
SomeApp.factory('SomeAppService', ['$resource', function($resource){

    return {          
       firstActions : $resource(svrid('acns') + '/action/:payload',{payload:'@payload'},
                {
                    'remove': {method:'DELETE',isArray:true, cache:false},
                    'save' : {method:'POST', isArray:true, cache:false},
                    'query' : {method:'GET', isArray:true,cache:false},
                }, {cache:false}        
        ),

        //some more other functions
    };

 }]);

在进一步跳水到code，我认识到，没有被包含在XHR请求的supposingly附加头（参见下图）

While further diving into the code, i realize that the supposingly appended headers are not being included in the xhr request (refer image below)

我缺少的是在这里吗？

What am I missing here?

更新1：我微微缩小最有可能涉及到 barryvdh的laravel问题-cors 使用 asm89堆栈-CORS ，其中由配置\\ cors.php是没有正确传递给asm89。不是很有信心的问题，但我做了一些手动操作导致选项来工作，当我手动传递配置\\ cors.php 来asm89但在另一方面会导致其他方法失败。

Update 1: I slightly narrow down the problem most probably related to barryvdh's laravel-cors that uses asm89's stack-cors where by the config\cors.php is not properly passed to asm89. Not very confident with the problem but i did some manual override which causes OPTIONS to work when i manually pass the array in config\cors.php to asm89 but then on the other hand causes other methods to fail.

更新2：我试图手动更改在 Asm89 \\栈\\ CorsService一节给它像这样的默认值：

Update 2: i tried manually alter a section under Asm89\Stack\CorsService give it a default value like such:

private function normalizeOptions(array $options = array())
    {
            $options += array(
            'allowedOrigins' => array('*'),
            'supportsCredentials' => true,
            'allowedHeaders' => array('*'),
            'exposedHeaders' => array('*'),
            'allowedMethods' => array('*'),
            'maxAge' => 0,
        );
        // Some other codes
        // normalize array('*') to true

        return $options;
    }

和注释掉一个小小的栏目

and comment out one small section

public function handlePreflightRequest(Request $request)
{
    /*if (true !== $check = $this->checkPreflightRequestConditions($request)) {
    return $check;
    }*/

    return $this->buildPreflightCheckResponse($request);
}

这完全适用于preflight 选项和 GET 方法，但 POST 和删除方法会提示我有一个错误

It works perfectly for preflight OPTIONS and GET method but POST and DELETE method will prompt me with an error

没有'访问控制允许来源标头present的要求
  资源。因此出身 http://www.example.com:8000 '不是
  允许访问。响应有HTTP状态code 500。

No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://www.example.com:8000' is therefore not allowed access. The response had HTTP status code 500.

在preflight后选项要求

After the preflight OPTIONS request

推荐答案

我有一个类似的问题，所有的跨域的AJAX请求会的工作，期望POST请求。该POST的响应将缺少访问控制允许来源头，但GET和DELETE请求充当预期。

I was having a similar issue, where all cross-domain AJAX requests would work, expect for POST requests. The POST responses would be missing the 'Access-Control-Allow-Origin' header, but GET and DELETE requests functioned as expected.

原来，我不得不去$ P $残疾人燮pression在php.ini pcated警告，并通过

It turned out that I had disabled suppression of deprecated warning in php.ini, and by using

$data = Input::json()->all();

在我的控制器，PHP被扔了

in my controller, PHP was throwing a

 PHP Deprecated:  Automatically populating $HTTP_RAW_POST_DATA is deprecated and will be removed in a future version. To avoid this warning set 'always_populate_raw_post_data' to '-1' in php.ini and use the php://input stream instead. in Unknown on line 0

警告，接着

PHP Warning:  Cannot modify header information - headers already sent

警告。

这意味着，我的自定义页眉从未发送。我简单地SUP $ P $固定的问题在php.ini pssing去precated警告。

pcated问题的德$ P $我将不得不应对未来，但现在它是一个功能的解决方法，以获得在laravel从JSON请求POST数据。

The deprecated problem I will have to deal with in the future, but for now it's a functioning workaround to getting POST data from JSON requests in laravel.

这篇关于Angularjs“访问控制允许来源”使用Laravel CORS的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！