在 symfony 4 上允许 CORS [英] Allow CORS on symfony 4

问题描述

我最近需要允许 CORS，在我搜索解决方案时我发现了 nelmio/NelmioCorsBundle.

I recently needed to allow CORS and on my search for a solution I found nelmio/NelmioCorsBundle.

对于乞求，我可以允许来自任何来源的请求，所以这是我的app/config/config.yml:

For the begging I can allow request from any origin, so this is my app/config/config.yml:

nelmio_cors:
    defaults:
        allow_credentials: false
        allow_origin: ['*']
        allow_headers: ['*']
        allow_methods: ['GET', 'POST', 'PUT', 'DELETE', 'OPTIONS']
        max_age: 3600
        origin_regex: false 

它仅适用于 GET 请求，任何 POST 请求都会返回:

It worked for GET requests only, any POST request returns:

请求中不存在Access-Control-Allow-Origin"标头资源.

No 'Access-Control-Allow-Origin' header is present on the requested resource.

我不一定需要使用这个包，在乞求时我试图取消注释 TRUSTED_HOSTS 并将它设置为我的域在 dotenv 文件中，但它是为了没用.此外，我在文档中没有找到有关此 TRUSTED_HOSTS 的任何帮助.

I don't need necessarily to work with this bundle, at the begging i tried to uncomment TRUSTED_HOSTS and set it with my domain on dotenv file but it was for no use. Also I didn't found any help about this TRUSTED_HOSTS in docs.

因此，我会很高兴在 symfony 上对此包或 CORS 的任何其他解决方案提供任何帮助.

So any help with this bundle or any other solution to CORS on symfony I would be glad.

按照我的要求，我正在更新当前的 nelmiocors 配置:

As asked I'm updating with my current config of nelmiocors:

# app/config/config.yml

# Nelmio CORS Configuration
nelmio_cors:
    defaults:
        origin_regex: true
        allow_origin: ['%env(CORS_ALLOW_ORIGIN)%']
        allow_methods: ['GET', 'OPTIONS', 'POST', 'PUT', 'PATCH', 'DELETE']
        allow_headers: ['Content-Type', 'Authorization']
        expose_headers: ['Link']
        max_age: 3600
    paths:
        '^/':
          origin_regex: true
          allow_origin: ['%env(CORS_ALLOW_ORIGIN)%']
          # allow_origin: ['^http://localhost:[0-9]+']
          allow_headers: ['*']
          allow_methods: ['GET', 'OPTIONS', 'POST', 'PUT', 'PATCH', 'DELETE']
          # allow_methods: ['POST', 'PUT', 'GET', 'DELETE']
          max_age: 3600
          # hosts: ['^api\.']

推荐答案

不知道到底是哪里出了问题，但因为其中一条评论有所帮助(帮助的人可能已经删除了自己的评论).

Don't know what exactly was wrong, but as one of the comments helped (the person who helped might have deleted his own comment).

我最终得到了 Nelmio CORS 的这个配置:

I end up with this configuration to Nelmio CORS:

nelmio_cors:
    defaults:
        origin_regex: true
        allow_origin: ['*']
        allow_methods: ['GET', 'OPTIONS', 'POST', 'PUT', 'PATCH', 'DELETE']
        allow_headers: ['Content-Type', 'Authorization']
        expose_headers: ['Link']
        max_age: 3600
    paths:
        '^/': ~

然后从 cli 和手动清除缓存，它工作了.

And after that cleared the cache from cli and manually and it worked.

我猜我做错了什么:当我第一次配置 Nelmio CORS 时，我没有清除缓存，因此它不起作用.之后我尝试了一些其他的配置组合，即使我清除了缓存，它也不起作用.这让我觉得如果我没有忘记清除缓存，代码应该从乞讨开始工作，在此之后我使用了无效的配置并且显然清除缓存这是行不通的.总之，这是一个初学者的错误.

这篇关于在 symfony 4 上允许 CORS的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！