angularjs和PHP:Request header字段Access Control Allow Origin不被飞行前响应中的Access Control Allow header所允许
我试着做一篇从angularjs到一个虚拟php文件的简单文章,以了解它是如何工作的。 在我的angularjs部分:angularjs和PHP:Request header字段Access Control Allow Origin不被飞行前响应中的Access Control Allow header所允许,php,angularjs,cors,Php,Angularjs,Cors,我试着做一篇从angularjs到一个虚拟php文件的简单文章,以了解它是如何工作的。 在我的angularjs部分: <html ng-app="loginApp"> <head> <meta charset="utf-8"> <title>Login</title> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootst
<html ng-app="loginApp">
<head>
<meta charset="utf-8">
<title>Login</title>
<link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.2/css/bootstrap.min.css">
<script src="http://ajax.googleapis.com/ajax/libs/angularjs/1.2.26/angular.min.js"></script>
<script>
var logindata = {username:'abc', password:'abc'}
var loginApp = angular.module('loginApp', []);
loginApp.controller('loginCtrl', function ($scope, $http){
var request = $http({
method: "POST",
url: "http://different-ip/a.php",
data: logindata,
headers: { 'Content-Type': 'multipart/form-data', 'Authorization': 'Basic ' + btoa(logindata.username + logindata.password),
'Access-Control-Allow-Origin': "*"}
});
request.success(
function( data ) {
$scope.someVariableName = data;
}
);
});
</script>
</head>
<body ng-controller="loginCtrl">
<h2>Angular.js JSON Fetching Example</h2>
<p> {{ someVariableName }} </p>
</body>
</html>
当我尝试使用Postman向这个a.php发送帖子时,一切都很好。那么为什么angularjs不允许呢?
我曾试图阅读有关CORS的文章,但对于如何解决这个问题(代码方面)没有直接的答案。有人能帮我吗?提前谢谢 将这3个标题添加到
a.php
的顶部,而不是带有if
条件的当前标题
<?php
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS");
header("Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization");
if($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
header( "HTTP/1.1 200 OK" );
exit;
}
file_put_contents("aa.txt", json_decode(file_get_contents('php://input'),true));
file_put_contents("aaa.txt", getallheaders());
?>
您可以在此处查看有关CORS的更多信息:
Postman
之所以有效,是因为它是一个附加的浏览器扩展,它不关心标题策略,也不在请求之前检查标题。将此标题而不是当前标题添加到我的PHP文件中,现在它可以工作了!谢谢@Armen的帮助
if (isset($_SERVER['HTTP_ORIGIN'])) {
header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
header('Access-Control-Allow-Credentials: true');
header('Access-Control-Max-Age: 86400'); // cache for 1 day
}
// Access-Control headers are received during OPTIONS requests
if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']))
header("Access-Control-Allow-Methods: GET, POST, OPTIONS");
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");
exit(0);
}
我试过这个。它仍然给我同样的错误!:(@user3193036我用新的3个标题更新了我的答案,你能重试吗?现在我得到了这个消息:对飞行前请求的响应没有通过访问控制检查:请求的标题上没有“访问控制允许来源”标题resource@user3193036我再次更新了我的答案,这应该对你有帮助了,你能再试一次吗?@user3193036-hmm似乎有关于你的浏览器+服务器的一些具体问题,我在这里无法理解,你能在你的问题中包括
请求
和响应
案例的浏览器网络选项卡截图吗?试着查看关于angularjs+CORS的这两个链接:谢谢@Armen..在你的帮助下我深入了解了!)
<?php
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS");
header("Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Authorization");
if($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
header( "HTTP/1.1 200 OK" );
exit;
}
file_put_contents("aa.txt", json_decode(file_get_contents('php://input'),true));
file_put_contents("aaa.txt", getallheaders());
?>
if (isset($_SERVER['HTTP_ORIGIN'])) {
header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
header('Access-Control-Allow-Credentials: true');
header('Access-Control-Max-Age: 86400'); // cache for 1 day
}
// Access-Control headers are received during OPTIONS requests
if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']))
header("Access-Control-Allow-Methods: GET, POST, OPTIONS");
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");
exit(0);
}