domain.com 已被 CORS 策略阻止:对预检请求的响应未通过访问控制检查:它没有 HTTP 正常状态
[英]domain.com has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status
问题描述
Handling preflight requests from React application to Symfony is getting too difficult now, I am trying to fix this for the last 8 hours, Here is the error that I am getting,
处理从 React 应用程序到 Symfony 的预检请求现在变得太困难了,我试图在过去的 8 小时内解决这个问题,这是我得到的错误,
Access to XMLHttpRequest at 'https://mylocaldomain.com/validate-token' from origin 'http://myreactapplocal:3000' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: It does not have HTTP ok status.
I tried adding the code from this post in here in public/index.php and it worked, I am trying to implement the same in the listener as I do not want to edit the public/index.php and it's not working via the listener, below is my listener code我尝试在 public/index.php 中添加这篇文章中的代码并且它有效,我试图在监听器中实现相同的代码,因为我不想编辑 public/index.php 并且它无法通过监听器工作,下面是我的监听器代码
namespace App\EventListener;
use Symfony\Component\EventDispatcher\EventSubscriberInterface;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpKernel\Event\RequestEvent;
use Symfony\Component\HttpKernel\Event\ResponseEvent;
use Symfony\Component\HttpKernel\HttpKernel;
use Symfony\Component\HttpKernel\KernelEvents;
class CorsListener implements EventSubscriberInterface
{
private $container;
public function __construct(ContainerInterface $container)
{
$this->container = $container;
}
public static function getSubscribedEvents(): array
{
return [
RequestEvent::class => 'onRequestEvent',
ResponseEvent::class => 'onResponseEvent',
];
}
public function onRequestEvent(RequestEvent $event)
{
if (HttpKernel::MASTER_REQUEST != $event->getRequestType()) {
return;
}
$request = $event->getRequest();
$method = $request->getRealMethod();
if ('OPTIONS' === $method) {
$response = new Response();
$response->headers->set('Access-Control-Allow-Headers', 'X-API-KEY, Origin, X-Requested-With, Content-Type, Accept, Access-Control-Request-Method,Access-Control-Request-Headers, Authorization');
$event->setResponse($response);
}
}
public function onResponseEvent(ResponseEvent $event)
{
// Don't do anything if it's not the master request.
if (!$event->isMasterRequest()) {
return;
}
$response = $event->getResponse();
$response->headers->set('Access-Control-Allow-Origin', '*');
$response->headers->set('Access-Control-Allow-Methods', 'GET,POST,PUT,OPTIONS,PATCH,DELETE');
$response->headers->set('Access-Control-Allow-Headers', 'Content-Type,Authorization');
}
}
Any kind of help/lead to resolving this issue is appreciated!!感谢任何帮助/引导解决此问题的方法!!
1 个解决方案
解决方案1
0 2021-07-06 11:01:38
I also had this problem using angular and symfony我也有这个问题使用 angular 和 symfony
For me putting the folling code on index.php solved it对我来说,将以下代码放在index.php上就解决了
header('Access-Control-Allow-Origin: *');
header("Access-Control-Allow-Headers: *");
header("Access-Control-Allow-Methods: *");
header("Allow: *");
$method = $_SERVER['REQUEST_METHOD'];
if ($method === "OPTIONS") {
die();
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.