Php 对Laravel作出反应--Cors中间件不工作
像在其他解决方案中一样尝试了很多东西 在route.php中Php 对Laravel作出反应--Cors中间件不工作,php,laravel,cors,Php,Laravel,Cors,像在其他解决方案中一样尝试了很多东西 在route.php中 header('Access-Control-Allow-Origin: http://www.campaignpulse.com/'); 或 或 cors.php public function handle($request, Closure $next) { return $next($request) ->header('Access-Control-Allow-Origin', '
header('Access-Control-Allow-Origin: http://www.campaignpulse.com/');
或
或
cors.php
public function handle($request, Closure $next)
{
return $next($request)
->header('Access-Control-Allow-Origin', 'http://www.campaignpulse.com/')
or
->header('Access-Control-Allow-Origin', 'www.campaignpulse.com/')
or
->header('Access-Control-Allow-Origin', '*')
->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
->header('Access-Control-Allow-Headers: Content-Type, X-Auth-Token, Origin, Authorization');
}
kernal.php
protected $middleware = [
\App\Http\Middleware\CheckForMaintenanceMode::class,
\Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
\App\Http\Middleware\TrimStrings::class,
\Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
\App\Http\Middleware\TrustProxies::class,
\App\Http\Middleware\Cors::class,
];
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
'cors' => \App\Http\Middleware\Cors::class,
];
反应部分
return fetch('http://www.campaignserver.com:81/cors',
{
method: 'post',
credentials: "same-origin",
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': 'www.campaignpulse.com' },
}
).then(response => response.json())
.then(resData => {
console.log(resData)
})
错误是
CORS策略已阻止在“”处从源“”获取的访问:对飞行前请求的响应未通过访问控制检查:请求的资源上不存在“访问控制允许源”标头。如果不透明响应满足您的需要,请将请求的模式设置为“no cors”,以获取禁用cors的资源
我还能试什么?请建议浏览器发出的跨原点请求将向您的服务器发送飞行前选项请求,该请求必须至少返回
访问控制允许原点
标题。
仅将其与对POST路由的响应一起返回是不够的
我建议使用类似于提供CORS中间件和配置的包
还要注意,原点是主机名或通配符
例如,ACAO标头的有效值为
*
https://www.example.org
选项http://www.campaignserver.com:81/cors
和
POSThttp://www.campaignserver.com:81/cors
返回标题
访问控制允许原点:http://www.campaignserver.com:81
或
访问控制允许原点:
刚刚应用了它。仍然是上面的同一更新答案访问控制允许源值为“是支持通配符的主机名”是不正确的。相反,它只能是单个字符*
作为通配符来指示任何原点,否则必须是单个文字原点值(协议+主机+端口);例如,http://www.campaignserver.com
或http://www.campaignserver.com:81
。使用http://www.campaignpulse.com
,不带尾随斜杠。原点没有路径组件-甚至没有/
。
protected $middleware = [
\App\Http\Middleware\CheckForMaintenanceMode::class,
\Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
\App\Http\Middleware\TrimStrings::class,
\Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
\App\Http\Middleware\TrustProxies::class,
\App\Http\Middleware\Cors::class,
];
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
'cors' => \App\Http\Middleware\Cors::class,
];
return fetch('http://www.campaignserver.com:81/cors',
{
method: 'post',
credentials: "same-origin",
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': 'www.campaignpulse.com' },
}
).then(response => response.json())
.then(resData => {
console.log(resData)
})