[英]react to Laravel — Cors Middleware NOT working
tried lots of things as in other solutions像其他解决方案一样尝试了很多东西
in route.php在路线中。php
header('Access-Control-Allow-Origin: http://www.campaignpulse.com/');
or或者
header('Access-Control-Allow-Origin: www.campaignpulse.com/');
or或者
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE');
header('Access-Control-Allow-Headers: Content-Type, X-Auth-Token, Origin, Authorization');
Route::post('cors', ['middleware' => 'cors',function () { return response()->json(['message' =>'cors'], 200); } ]);
cors.php cors.php
public function handle($request, Closure $next)
{
return $next($request)
->header('Access-Control-Allow-Origin', 'http://www.campaignpulse.com/')
or
->header('Access-Control-Allow-Origin', 'www.campaignpulse.com/')
or
->header('Access-Control-Allow-Origin', '*')
->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
->header('Access-Control-Allow-Headers: Content-Type, X-Auth-Token, Origin, Authorization');
}
kernal.php内核.php
protected $middleware = [
\App\Http\Middleware\CheckForMaintenanceMode::class,
\Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
\App\Http\Middleware\TrimStrings::class,
\Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
\App\Http\Middleware\TrustProxies::class,
\App\Http\Middleware\Cors::class,
];
protected $routeMiddleware = [
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
'can' => \Illuminate\Auth\Middleware\Authorize::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
'cors' => \App\Http\Middleware\Cors::class,
];
react part反应部分
return fetch('http://www.campaignserver.com:81/cors',
{
method: 'post',
credentials: "same-origin",
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json',
'Access-Control-Allow-Origin': 'www.campaignpulse.com' },
}
).then(response => response.json())
.then(resData => {
console.log(resData)
})
and the error is错误是
Access to fetch at ' http://www.campaignserver.com:81/cors ' from origin ' http://www.campaignpulse.com ' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Access to fetch at ' http://www.campaignserver.com:81/cors ' from origin ' http://www.campaignpulse.com ' has been blocked by CORS policy: Response to preflight request doesn't pass access control check :请求的资源上不存在“Access-Control-Allow-Origin”header。 If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
如果不透明的响应满足您的需求,请将请求的模式设置为“no-cors”以获取禁用 CORS 的资源。
what else can i try?我还能尝试什么? please suggest
请建议
Cross origin requests made by a browser will send a pre-flight OPTIONS request to your server, which has to return at least the Access-Control-Allow-Origin
header.浏览器发出的跨域请求将向您的服务器发送飞行前 OPTIONS 请求,该请求必须至少返回
Access-Control-Allow-Origin
header。 It is not sufficient to just return it with the response to a POST route.仅将其与对 POST 路由的响应一起返回是不够的。
I recommend to use a package like https://github.com/barryvdh/laravel-cors to provide the CORS middleware and configuration我建议使用 package 之类的https://github.com/barryvdh/laravel-cors来提供 CORS 中间件和配置
Also notice that the origin is a host name or a wildcard.另请注意,来源是主机名或通配符。
Valid values for the ACAO header are for example ACAO header 的有效值为例如
*
https://www.example.org
No URI parts没有 URI 部分
edit编辑
have to correct myself, apparently protocol and port are valid parts of the ACAO header, which makes sense必须纠正自己,显然协议和端口是 ACAO header 的有效部分,这是有道理的
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
edit2编辑2
To debug this, make sure that both OPTIONS http://www.campaignserver.com:81/cors
and POST http://www.campaignserver.com:81/cors
To debug this, make sure that both
OPTIONS http://www.campaignserver.com:81/cors
and POST http://www.campaignserver.com:81/cors
Return a header Access-Control-Allow-Origin: http://www.campaignserver.com:81
or Access-Control-Allow-Origin: *
返回 header
Access-Control-Allow-Origin: http://www.campaignserver.com:81
或Access-Control-Allow-Origin: *
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.