Php Laravel 4 API不允许来自外部站点的POST请求
我正试图通过从外部站点向我的Laravel 4 API发送POST请求来创建一个用户。我已将以下代码添加到我的app/filters.php文件中:Php Laravel 4 API不允许来自外部站点的POST请求,php,express,laravel-4,cors,csrf,Php,Express,Laravel 4,Cors,Csrf,我正试图通过从外部站点向我的Laravel 4 API发送POST请求来创建一个用户。我已将以下代码添加到我的app/filters.php文件中: App::before(function($request) { if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') { header('Access-Control-Allow-Origin', 'http://www.myexternalsite.net'); h
App::before(function($request)
{
if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {
header('Access-Control-Allow-Origin', 'http://www.myexternalsite.net');
header('Allow', 'GET, POST, OPTIONS, PUT, DELETE');
header('Access-Control-Allow-Headers', 'Origin, Content-Type, Accept, Authorization, X-Request-With');
header('Access-Control-Allow-Credentials', 'true');
exit;
}
});
App::after(function($request, $response)
{
$response->headers->set('Access-Control-Allow-Origin', 'http://www.myexternalsite.net');
$response->headers->set('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');
$response->headers->set('Access-Control-Allow-Headers', 'Origin, Content-Type, Accept, Authorization, X-Requested-With');
$response->headers->set('Access-Control-Allow-Credentials', 'true');
$response->headers->set('Access-Control-Max-Age','86400');
return $response;
});
当我根据来自的POST请求运行我的开发工具时,我收到以下警告消息:
event.returnValue is deprecated. Please use the standard event.preventDefault() instead. main-built.js:6
以及以下错误消息:
OPTIONS http://api.mywebsite.com/users 500 (Internal Server Error) main-built.js:7
OPTIONS http://api.mywebsite.com/users No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://www.myexternalsite.net' is therefore not allowed access. main-built.js:7
我遗漏了什么吗?第一个错误严格来说是客户端javascript错误。错误描述的意思正是它所说的。您应该适当地更新js
第二组错误消息可能与您正在跨域请求一个javascript文件有关,该文件不受PHP发送的头文件的约束。您需要在Web服务器上为此类端点配置CORS谢谢!对于其他与Laravel有CORS相关问题的人,我在这里使用了这个包:简化流程。