I am poking around with Vue & CodeIgniter 4 and am using as https://github.com/flavea/ci4-vue a jumping-off point.
No matter what I seem to try, I keep getting this pesky CORS error when in dev mode:
Access to XMLHttpRequest at ' http://example.com/public/api/book/get ' from origin ' http://example.com:8080 ' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
I've read quite a few threads and Mozilla's article on CORS ...I understand
What I don't understand where I need to resolve it...Apache, my PHP App, Vue, Webpack? (my suspicion is WebPack / Node).
My question...how do I resolve this CORS issue for my dev mode?
Some additional background info:
npm run dev
...I have no issues when I run it in 'production'; ie npm run build
).From what I gather, the dev build uses WebPack's devServer when in dev mode (see below)
const devWebpackConfig = merge(baseWebpackConfig, { module: { rules: utils.styleLoaders({ sourceMap: config.dev.cssSourceMap, usePostCSS: true }) }, // cheap-module-eval-source-map is faster for development devtool: config.dev.devtool, // these devServer options should be customized in /config/index.js devServer: { clientLogLevel: 'warning', historyApiFallback: { rewrites: [ { from: /.*/, to: path.posix.join(config.dev.assetsPublicPath, 'index.html') }, ], }, // I added the following, seems to do nothing. headers: { "Access-Control-Allow-Origin": "*", "Access-Control-Allow-Methods": "GET, POST, PUT, DELETE, PATCH, OPTIONS", "Access-Control-Allow-Headers": "Origin, Content-Type, X-Auth-Token" }, hot: true, contentBase: false, // since we use CopyWebpackPlugin. compress: true, host: HOST || config.dev.host, port: PORT || config.dev.port, open: config.dev.autoOpenBrowser, overlay: config.dev.errorOverlay? { warnings: false, errors: true }: false, //publicPath: config.dev.assetsPublicPath, //proxy: config.dev.proxyTable, quiet: true, // necessary for FriendlyErrorsPlugin watchOptions: { poll: config.dev.poll, } }, plugins: [ new webpack.DefinePlugin({ 'process.env': require('../config/dev.env') }), new webpack.HotModuleReplacementPlugin(), new webpack.NamedModulesPlugin(), // HMR shows correct file names in console on update. new webpack.NoEmitOnErrorsPlugin(), // https://github.com/ampedandwired/html-webpack-plugin new HtmlWebpackPlugin({ filename: 'index.html', template: 'index.html', inject: true }), // copy custom static assets new CopyWebpackPlugin([ { from: path.resolve(__dirname, '../static'), to: config.dev.assetsSubDirectory, ignore: ['.*'] } ]) ] })
In my .htaccess, I've added
<IfModule mod_headers.c> Header set Access-Control-Allow-Origin "*" </IfModule> <FilesMatch "\.(js)$"> Header set Access-Control-Allow-Origin "*" </FilesMatch>
If you want to prevent CORS errors in your local dev environment and access data from other web servers (remote or local), it can be very easily done with the proxy config. This option redirect every request to a local path to a remote URL. https://webpack.js.org/configuration/dev-server/#devserverproxy
You don't even need a CORS configuration in this case, because you'll mount an external path on the same local environment, so that the web browser does not complain. The remote address must of course be trustworthy.
After trying a bunch of things, I had to add headers to my CodeIgniter Method:
header('Access-Control-Allow-Origin: *');
header("Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE");
header("Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding");
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.