Php 请求cloudinary资源会导致CORS错误
我有一个laravel/lumen服务器,管理我的cloudinary资源的上传。我还将服务器用作前端应用程序的API端点。其中一个端点从Cloudinary返回一个文件。我通过将请求重定向到Cloudinary资源来实现这一点。但是,我的应用程序失败,因为重定向的资源上没有CORS头Php 请求cloudinary资源会导致CORS错误,php,laravel,cors,cloudinary,Php,Laravel,Cors,Cloudinary,我有一个laravel/lumen服务器,管理我的cloudinary资源的上传。我还将服务器用作前端应用程序的API端点。其中一个端点从Cloudinary返回一个文件。我通过将请求重定向到Cloudinary资源来实现这一点。但是,我的应用程序失败,因为重定向的资源上没有CORS头 return redirect()->to("https://res.cloudinary.com/gates/raw/upload/" . $upload->id); 我得到的错误是: Redir
return redirect()->to("https://res.cloudinary.com/gates/raw/upload/" . $upload->id);
我得到的错误是:
Redirect from 'https://{my-server.com}/api/v1/export' to
'https://res.cloudinary.com/gates/raw/upload/{upload-id}' has been
blocked by CORS policy: No 'Access-Control-Allow-Origin' header is
present on the requested resource. Origin 'https://{my-frontend.com}'
is therefore not allowed access.
您可以在服务器上使用此库: 这是我的CORS中间件: 要使用CORS中间件,您必须首先在 app\Http\Kernel.php文件如下: 然后你可以在你的路线上使用它
return [
/*
|--------------------------------------------------------------------------
| Laravel CORS
|--------------------------------------------------------------------------
|
| allowedOrigins, allowedHeaders and allowedMethods can be set to array('*')
| to accept any value.
|
*/
'supportsCredentials' => false,
'allowedOrigins' => ['*'],
'allowedHeaders' => ['Content-Type', 'X-Requested-With'],
'allowedMethods' => ['*'], // ex: ['GET', 'POST', 'PUT', 'DELETE']
'exposedHeaders' => [],
'maxAge' => 0,
]
allowedOrigins => [*] mean that you give access to your server, you can add ip's or dns for restrict access to your server
use Closure;
class CORS {
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
header("Access-Control-Allow-Origin: *");
// ALLOW OPTIONS METHOD
$headers = [
'Access-Control-Allow-Methods'=> 'POST, GET, OPTIONS, PUT, DELETE',
'Access-Control-Allow-Headers'=> 'Content-Type, X-Auth-Token, Origin'
];
if($request->getMethod() == "OPTIONS") {
// The client-side application can set only headers allowed in Access-Control-Allow-Headers
return Response::make('OK', 200, $headers);
}
$response = $next($request);
foreach($headers as $key => $value)
$response->header($key, $value);
return $response;
}
}
protected $routeMiddleware = [
//other middlewares
'cors' => 'App\Http\Middleware\CORS',
];
Route::get('example', array('middleware' => 'cors', 'uses' => 'ExampleController@dummy'));