预检响应 TinyMCE 图像上传时出现 CORS 500 错误
我正在使用 TinyMCE 并尝试上传图像。我的 HTML 页面由 Django 提供服务。请看下面我的图片上传处理程序(由 TinyMCE 提供)
images_upload_handler: function (blobInfo, success, failure, progress) {
var xhr, formData;
xhr = new XMLHttpRequest();
//xhr.withCredentials = true;
xhr.open('POST', 'http://localhost/tiny_upload.php');
xhr.setRequestHeader('x-requested-with', 'XMLHttpRequest')
xhr.upload.onprogress = function (e) {
progress(e.loaded / e.total * 100);
};
xhr.onload = function () {
var json;
if (xhr.status < 200 || xhr.status >= 300) {
failure('HTTP Error: ' + xhr.status);
return;
}
json = JSON.parse(xhr.responseText);
if (!json || typeof json.location != 'string') {
failure('Invalid JSON: ' + xhr.responseText);
return;
}
success(json.location);
};
xhr.onerror = function () {
failure('Image upload failed due to a XHR Transport error. Code: ' + xhr.status +
' Message:' + xhr.responseText);
};
formData = new FormData();
formData.append('file', blobInfo.blob(), blobInfo.filename());
xhr.send(formData);
}
白猪掌柜的1回答
-
MM们
我将 php 文件内容更改为以下内容<?phperror_reporting(E_ERROR | E_WARNING | E_PARSE);/*************************************************** * Only these origins are allowed to upload images * ***************************************************/$accepted_origins = array("http://localhost", "http://192.168.1.1", "http://127.0.0.1:8000", "http://127.0.0.1");/********************************************* * Change this line to set the upload folder * *********************************************/$method = $_SERVER['REQUEST_METHOD'];if ($method == 'OPTIONS') { if (isset($_SERVER['HTTP_ORIGIN'])) { if (in_array($_SERVER['HTTP_ORIGIN'], $accepted_origins)) { header('Access-Control-Allow-Origin: ' . $_SERVER['HTTP_ORIGIN']); header("HTTP/1.1 200 OK"); return; } else { header("HTTP/1.1 403 Origin Denied"); return; } }} elseif ($method == 'POST') { $imageFolder = "images/"; reset($_FILES); $temp = current($_FILES); if (is_uploaded_file($temp['tmp_name'])) { header('CUS_MSG1: hello'); if (isset($_SERVER['HTTP_ORIGIN'])) { // same-origin requests won't set an origin. If the origin is set, it must be valid. if (in_array($_SERVER['HTTP_ORIGIN'], $accepted_origins)) { header('Access-Control-Allow-Origin: ' . $_SERVER['HTTP_ORIGIN']); } else { header("HTTP/1.1 403 Origin Denied"); return; } } /* If your script needs to receive cookies, set images_upload_credentials : true in the configuration and enable the following two headers. */ // header('Access-Control-Allow-Credentials: true'); // header('P3P: CP="There is no P3P policy."'); // Sanitize input if (preg_match("/([^\w\s\d\-_~,;:\[\]\(\).])|([\.]{2,})/", $temp['name'])) { header("HTTP/1.1 400 Invalid file name."); return; } // Verify extension if (!in_array(strtolower(pathinfo($temp['name'], PATHINFO_EXTENSION)), array("gif", "jpg", "png"))) { header("HTTP/1.1 400 Invalid extension."); return; } // Accept upload if there was no origin, or if it is an accepted origin $filetowrite = $imageFolder . $temp['name']; move_uploaded_file($temp['tmp_name'], $filetowrite); // Respond to the successful upload with JSON. // Use a location key to specify the path to the saved image resource. // { location : '/your/uploaded/image/file'} echo json_encode(array('location' => 'http://' . $_SERVER['SERVER_NAME'] . '/' . $filetowrite)); } else { // Notify editor that the upload failed header("HTTP/1.1 500 Server Error"); }} else { // Notify editor that the upload failed header("HTTP/1.1 500 Server Error");}?>并xhr.setRequestHeader('x-requested-with', 'XMLHttpRequest')从 JS 文件中删除
随时随地看视频慕课网APP
相关分类
JavaScript