Cors 策略错误:它没有 HTTP 正常状态
[英]Cors Policity Error: It does not have HTTP ok status
问题描述
I have created my own restful application in PHP that exposes APIs to javascript application.
我在PHP中创建了自己的 RESTful 应用程序,它向javascript应用程序公开 API。 Everything works smoothly except when I insert http_response_code in the response header.除非我在响应 header 中插入http_response_code ,否则一切正常。
Below is the function I use to print the data in json format.下面是我用来打印json格式数据的function。 I set the http_response_code() based on the error code I need to use (200, 404, 400, 401 etc).我根据需要使用的错误代码(200、404、400、401 等)设置了http_response_code() )。
<?php
public function handle($code = 200, $data = array())
{
$message = json_encode(
array(
"code" => $code,
"data" => $data
), JSON_PRETTY_PRINT
);
http_response_code($code);
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Headers: *");
header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE");
header('Content-type: text/javascript; charset=utf-8');
print_r($message);
exit;
}
Frontend side, I make simple Ajax calls with jQuery .前端,我使用Ajax进行简单的调用jQuery 。 I don't think it needs any explanation but I put it for completeness.我认为它不需要任何解释,但为了完整起见,我把它放在了这里。
$.ajax({
url: url,
method: method,
cache: false,
headers: headers,
data: data,
crossDomain: true,
success: function(data){
console.log(data)
},
error: function (xhr, ajaxOptions, thrownError) {
console.log((xhr.responseJSON)
}
});
The problem is this.问题是这样的。 If in the PHP script I comment the line http_response_code($code);如果在PHP脚本中,我注释 http_response_code http_response_code($code); Everything works smoothly, but I always receive as status code 200.一切顺利,但我总是收到状态码 200。
If I try to change the status code, be it 200 or any other code, the client responds with the following error:如果我尝试更改状态代码,无论是 200 还是任何其他代码,客户端都会响应以下错误:
Access to XMLHttpRequest at 'MY API URL CENSORED' from origin 'http://localhost:8080' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.
As you can see both php and js side I have enabled cross domain and enabled all cross-origin.如您所见, php和js端都启用了跨域并启用了所有跨域。 I don't really understand why it gives me this error, only if I add this line http_response_code($code) .我真的不明白为什么它会给我这个错误,只有当我添加这一行http_response_code($code) 。
Am I doing something wrong?难道我做错了什么? Can changing the status code create any kind of problem with cors policies?更改状态代码是否cors策略产生任何问题?
1 个解决方案
解决方案1
2 已采纳 2021-04-07 13:26:07
Am I doing something wrong?
Something about the request you are making (it isn't clear what as everything that could trigger this is hidden behind variables you haven't shared) requires a preflight request .关于您正在发出的请求的某些内容(尚不清楚什么可能触发此请求的所有内容都隐藏在您尚未共享的变量后面)需要preflight request 。
The browser will therefore make an OPTIONS request asking permission to make the actual (eg POST) request.因此,浏览器将发出一个 OPTIONS 请求,请求允许发出实际(例如 POST)请求。
You appear to be responding to the preflight request as if it were the aactal request.您似乎正在响应预检请求,就好像它是实际请求一样。
Can changing the status code create any kind of problem with cors policies?
Yes.是的。 The response to the preflight request must (as the error message says) have a 200 OK status in order for the browser to accept that permissions have been granted to make the actual request.对预检请求的响应必须(如错误消息所述)具有200 OK状态,以便浏览器接受已授予发出实际请求的权限。
The response to the actual request can have whatever status you like.对实际请求的响应可以具有您喜欢的任何状态。
You can differentiate them by testing if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {您可以通过测试if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.