[英]CORS (Access-Control-Allow-Origin) on Laravel
I created an application in AngularJS and I'm trying to make calls to the Laravel API:我在 AngularJS 中创建了一个应用程序,我正在尝试调用 Laravel API:
I use Laravel API Boilerplate (JWT Edition) to API.我使用 Laravel API Boilerplate(JWT 版)到 API。
But I get this error in the browser console:但是我在浏览器控制台中收到此错误:
XMLHttpRequest cannot load http://localhost:8000/api/auth/login .
XMLHttpRequest 无法加载http://localhost:8000/api/auth/login 。 No 'Access-Control-Allow-Origin' header is present on the requested resource.
请求的资源上不存在“Access-Control-Allow-Origin”标头。 Origin ' http://localhost:8080 ' is therefore not allowed access.
因此,不允许访问 Origin ' http://localhost:8080 '。
I tried to apply the cors middleware (barryvdh/laravel-cors) in api_routes.php but the error remains.我尝试在 api_routes.php 中应用 cors 中间件(barryvdh/laravel-cors),但错误仍然存在。
api_routes.php: api_routes.php:
<?php
$api = app('Dingo\Api\Routing\Router');
$api->version('v1', ['middleware' => 'cors'], function ($api) {
$api->post('auth/login', 'App\Api\V1\Controllers\AuthController@login');
$api->post('auth/signup', 'App\Api\V1\Controllers\AuthController@signup');
$api->post('auth/recovery', 'App\Api\V1\Controllers\AuthController@recovery');
$api->post('auth/reset', 'App\Api\V1\Controllers\AuthController@reset');
// example of protected route
$api->get('protected', ['middleware' => ['api.auth'], function () {
return \App\User::all();
}]);
// example of free route
$api->get('free', function() {
return \App\User::all();
});
});
I'm completely wrong about this implementation.我对这个实现完全错误。 The
origin
header has a specific placement case in Laravel, where other headers can be defined in Middleware, the origin
header cannot . origin
在 Laravel 中有特定的放置情况,其他头可以在中间件中定义, origin
不能。
Instead, you need to add this to the top of your main routes.php
file:相反,您需要将其添加到主
routes.php
文件的顶部:
header('Access-Control-Allow-Origin: http://localhost:8080');
I don't fully understand this, but when i want cross browser access i add a .htaccess file into the folder where my endpoint is with the following in it:我不完全理解这一点,但是当我想要跨浏览器访问时,我将一个 .htaccess 文件添加到我的端点所在的文件夹中,其中包含以下内容:
Header add Access-Control-Allow-Origin "*"
Header add Access-Control-Allow-Headers "origin, x-requested-with, content-type"
Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"
you should add an nginx virtual host pointing to your api with a proxy pass.您应该添加一个指向您的 api 的 nginx 虚拟主机,并通过代理传递。 essentially you need to make sure both your front and backend are fed from the same domain
基本上你需要确保你的前端和后端都来自同一个域
Mostly CORS issues are server related, if it is not getting solved by .htaccess, same headers u can give from application starter file.大多数 CORS 问题与服务器相关,如果 .htaccess 没有解决它,您可以从应用程序启动文件中提供相同的标头。 so have understanding of domain name, where is pointed to folder path of application.
所以对域名有了解,其中指向应用程序的文件夹路径。 In Laravel index.php is starter file so use the following lines of code and add in starting lines.
在 Laravel 中 index.php 是启动文件,因此使用以下代码行并添加起始行。
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS");
header("Access-Control-Allow-Headers: *");
cache clear in browser needed for loading web-app加载网络应用程序所需的浏览器中的缓存清除
Add this on top of routes.php
file or api.php
file depending on where you have placed your routes:收藏此之上
routes.php
的文件或api.php
取决于文件你放置你的路线:
header('Access-Control-Allow-Origin: http://localhost:8080');
header('Access-Control-Allow-Headers: origin, x-requested-with, content-type');
header('Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS');
Adding these 3 lines in the site where you are making the request to, solves the CORS problem.在您发出请求的站点中添加这 3 行,解决了 CORS 问题。 The above will allow JS running on http://localhost:8080 to make request to the backend which contains the above lines.
以上将允许在http://localhost:8080上运行的 JS 向包含上述行的后端发出请求。
The answer is inspired from @Dallas Caley's answer.答案的灵感来自@Dallas Caley 的答案。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.