CORS预检请求返回HTTP 405 [英] CORS preflight request returning HTTP 405
问题描述
我正在尝试创建一个RESTful Web服务,并且停止实施PUT请求。我已经尝试,没有按照其他答案在这个网站和各种文章从Mozilla。
I am trying to create a RESTful web service and have gotten stuck on implementing PUT requests. I have tried and failed to follow other answers on this site and various articles from Mozilla.
请求是从域 wwwtest.dev-框,它会转到 test.dev-box (基本上是一个前端应用调用后端应用)。这是我从Live HTTP标头捕获的标头:
The request is generated from the domain wwwtest.dev-box and it's going to test.dev-box (basically a front-end app calling the back-end app). Here are the headers I have captured from Live HTTP headers:
http://test.dev-box/resource/v1/data/user/1
OPTIONS /resource/v1/data/user/1 HTTP/1.1
Host: test.dev-box
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:24.0) Gecko/20100101 Firefox/24.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Origin: http://wwwtest.dev-box
Access-Control-Request-Method: PUT
Connection: keep-alive
HTTP/1.1 405 Method Not Allowed
Date: Wed, 16 Oct 2013 16:15:58 GMT
Server: Apache/2.2.15 (Red Hat)
x-powered-by: PHP/5.3.27
Access-Control-Allow-Origin: http://wwwtest.dev-box
Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS
Access-Control-Max-Age: 1728000
Content-Length: 0
Allow: PUT
Cache-Control: no-cache
Connection: close
Content-Type: text/html; charset=UTF-8
我使用一个框架,所以一切都路由到web.php在页面顶部包含以下代码(取自此MDN文章): p>
I'm using a framework so everything is routed to web.php, which contains the following code at the top of the page (taken from this MDN article):
if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
header('Access-Control-Allow-Origin: http://wwwtest.dev-box');
header('Access-Control-Allow-Methods: POST, GET, PUT, OPTIONS');
header('Access-Control-Max-Age: 1728000');
header("Content-Length: 0");
header("Content-Type: text/plain");
} else {
header("HTTP/1.1 403 Access Forbidden");
header("Content-Type: text/plain");
}
在我的代码发出PUT请求之前,它先发送CORS preflight OPTIONS正如你可以从上面的捕获看到的)。必需的头部应附加到响应,并告诉请求者允许PUT。不幸的是,你可以从上面的响应头部看到它仍然返回405方法不允许,即使PUT在响应访问控制允许方法。
Before my code makes the PUT request it sends the CORS preflight OPTIONS request first (as you can see from the capture above). The necessary headers should be attached to the response and tell the requester that PUT is allowed. Unfortunately as you can see from the response headers above it is still returning 405 Method Not Allowed even though PUT is in the response access-control-allow-methods.
这是我使用的框架的.htaccess文件(Silex):
This is the .htaccess file for the framework I'm using (Silex):
<IfModule mod_rewrite.c>
Options -MultiViews
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ web.php [QSA,L]
</IfModule>
推荐答案
我发现答案是Apache和框架配置。
I've found the answer to be a cross between Apache and framework configuration.
-
对于Apache配置,您可以将以下内容放入您的VirtualHost指令或.htaccess文件(如果它在.htaccess中记得用IfModule mod_headers.c标签封装)。将mod_rewrite重定向到的页面上的标题设置为不起作用:
For the Apache config you can either put the following into your VirtualHost directive, or in the .htaccess file of the requested domain (if it's in the .htaccess remember to encapsulate with IfModule mod_headers.c tags). Setting the headers on the page that mod_rewrite redirects to does not work:
标题设置Access-Control-Allow-Origin http://wwwtest.dev-box
Header set Access-Control-Allow-Origin "http://wwwtest.dev-box"
头文件集访问控制允许方法GET,POST,HEAD, DELETE,PUT,OPTIONS
Header set Access-Control-Allow-Methods "GET,POST,HEAD,DELETE,PUT,OPTIONS"
对于Silex配置,将以下内容放入应用程序路由。它基本上为它收到的任何OPTIONS请求发送一个HTTP 200 OK。在 Silex Google网上论坛上找到的代码:
For the Silex config, place the following into your application routes. It basically sends an HTTP 200 OK for any OPTIONS request it receives. Code found on the Silex Google Group:
$ app-> match({url},function($ url)use($ app){
returnOK;
}) - > assert url','。*') - > method(OPTIONS);
$app->match("{url}", function($url) use ($app) { return "OK"; })->assert('url', '.*')->method("OPTIONS");
以使RESTful应用程序正常运行。
Both steps need to be completed for the RESTful application to function properly.
这篇关于CORS预检请求返回HTTP 405的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
