CORS 跨域问题

<?php
namespace App\Http\Middleware;

use Closure;
use Illuminate\Http\Request;

class Cors
{
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle(Request $request, Closure $next)
    {
        // 设置允许访问的域地址
        $domains = ['http://localhost:8080','http://127.0.0.1:8080'];
        // 判断请求头中是否包含ORIGIN字段
        if(isset($request->server()['HTTP_ORIGIN'])){
            $origin = $request->server()['HTTP_ORIGIN'];
            if (in_array($origin, $domains)) {
                //设置响应头信息
                header('Access-Control-Allow-Origin: '.$origin);
                header('Access-Control-Allow-Headers: Origin, Content-Type, Authorization');
                // echo "aaa";die;
            }
        }
        return $next($request);
    }
}

注册了这个中间件
跨域请求的时候报

Access to XMLHttpRequest at 'http://blog.com/api/getArticleList' from origin 'http://localhost:8080' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header contains multiple values 'http://localhost:8080, *', but only one is allowed.

但是如果在设置header(‘Access-Control-Allow-Origin: ‘.$origin);header(‘Access-Control-Allow-Headers: Origin, Content-Type, Authorization’);
echo “aaa”;die;掉却可以获取得到,

config: {url: "http://blog.com/api/getArticleList", method: "get", headers: {}, transformRequest: Array(1), transformResponse: Array(1),}
data: "aaa"
headers: {content-type: "text/html; charset=UTF-8"}
request: XMLHttpRequest {readyState: 4, timeout: 0, withCredentials: false, upload: XMLHttpRequestUpload, onreadystatechange: ƒ,}
status: 200
statusText: "OK"

请问一下这是什么原因造成的。还是我哪里写错了

《L02 从零构建论坛系统》
以构建论坛项目 LaraBBS 为线索,展开对 Laravel 框架的全面学习。应用程序架构思路贴近 Laravel 框架的设计哲学。
《G01 Go 实战入门》
从零开始带你一步步开发一个 Go 博客项目,让你在最短的时间内学会使用 Go 进行编码。项目结构很大程度上参考了 Laravel。
JaguarJack
最佳答案

设置响应头

$response = $next($request);

$response->headers->set('Access-Control-Allow-Methods', 'GET, POST, PATCH, PUT, DELETE, OPTIONS');

$response->headers->set('Access-Control-Allow-Headers', '*');

$response->headers->set('Access-Control-Allow-Credentials', true);

$response->headers->set('Access-Control-Max-Age', 86400);

return $response;
4个月前 评论
讨论数量: 4
JaguarJack

设置响应头

$response = $next($request);

$response->headers->set('Access-Control-Allow-Methods', 'GET, POST, PATCH, PUT, DELETE, OPTIONS');

$response->headers->set('Access-Control-Allow-Headers', '*');

$response->headers->set('Access-Control-Allow-Credentials', true);

$response->headers->set('Access-Control-Max-Age', 86400);

return $response;
4个月前 评论

安装 laravel-cors 配置一下,简单快捷

4个月前 评论

ng增加配置

        add_header 'Access-Control-Allow-Origin' '*';
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header 'Access-Control-Allow-Methods' '*';
        add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type, Authorization';

或者
安装laravel-cors 没必要专门写中间件 问题多难调试

4个月前 评论
一念沧海一念桑田 4个月前

可能是多次配置跨域了,代码里或者nginx配置看看,是否有跨域配置,另外推荐laravel-cors

4个月前 评论

讨论应以学习和精进为目的。请勿发布不友善或者负能量的内容,与人为善,比聪明更重要!