CORS 预检请求未通过访问控制检查:它没有 HTTP ok 状态 [英] CORS preflight request doesn't pass access control check: It does not have HTTP ok status
问题描述
我正在尝试使用授权标头向我的 Wordpress REST API 发出 GET/POST 请求,但作为回应,我得到了
I am trying to make a GET/POST Request to my Wordpress REST API using Authorization Headers but in response i am getting
预检请求未通过访问控制检查:它没有 HTTP ok 状态.
preflight request doesn't pass access control check: It does not have HTTP ok status.
我正在将 JWT 身份验证用于 WP-API 进行身份验证,并尝试了几乎所有在互联网上找到的可能选项,但没有成功.
I am using JWT Authentication for WP-API for Authentication and tried almost every possible option found on the internet but no luck.
看看我当前的 .htaccess 配置
Have a look at my current .htaccess configurations
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
RewriteCond %{REQUEST_METHOD} OPTIONS
RewriteRule ^(.*)$ $1 [R=200,L]
</IfModule>
<IfModule mod_headers.c>
Header always set X-Content-Type-Options "nosniff"
<IfModule mod_setenvif.c>
SetEnvIf Origin "^(http://localhost:3000)$" CORS=$0
</IfModule>
Header set Access-Control-Allow-Origin %{CORS}e env=CORS
Header set Access-Control-Allow-Credentials "true" env=CORS
Header set Access-Control-Allow-Methods "GET, POST, OPTIONS, HEAD" env=CORS
Header set Access-Control-Allow-Headers "*" env=CORS
Header set Access-Control-Expose-Headers "*" env=CORS
<FilesMatch "\.(php|html)$">
</FilesMatch>
</IfModule>
从 axios 发出请求时出现此错误
I am getting this error when the request is made from axios
从源 'http://localhost:3000' 访问位于 'HIDDEN_SERVER_ADDRESS' 的 XMLHttpRequest 已被 CORS 政策阻止:对预检请求的响应未通过访问控制检查:它没有 HTTP ok 状态.
Access to XMLHttpRequest at 'HIDDEN_SERVER_ADDRESS' from origin 'http://localhost:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.
在 PostMan 中,调用工作正常并给出了预期的结果.
In PostMan the calls are working fine and giving desired results.
推荐答案
在 .htaccess 中尝试所有可能的解决方案对我的情况没有帮助.因此,如果其他人在同一页面上,这里有一个对我有用的解决方案.
Trying every possible solution in .htaccess didn't help in my case. So if anyone else is on the same page here is a solution that worked for me.
将此代码放在 index.php 文件中,它会像魅力一样工作.
put this code in the index.php file and it will work like a charm.
header('Access-Control-Allow-Origin: *');
header("Access-Control-Allow-Methods: HEAD, GET, POST, PUT, PATCH, DELETE, OPTIONS");
header("Access-Control-Allow-Headers: X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method,Access-Control-Request-Headers, Authorization");
header('Content-Type: application/json');
$method = $_SERVER['REQUEST_METHOD'];
if ($method == "OPTIONS") {
header('Access-Control-Allow-Origin: *');
header("Access-Control-Allow-Headers: X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method,Access-Control-Request-Headers, Authorization");
header("HTTP/1.1 200 OK");
die();
}
这篇关于CORS 预检请求未通过访问控制检查:它没有 HTTP ok 状态的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!