如何解决访问 Laravel 路由时出现 CORS 错误
我对 laravel 应用程序非常陌生。我正在尝试开发一个使用 laravel 编写的 API 的 Outlook Web 插件。这里的问题是,通过 Outlook 邮件访问 API 时会产生 CORS 错误。
错误 :
Access to XMLHttpRequest at 'https://test.com/api/test' from origin 'https://localhost:44377' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
到目前为止我已经尝试过:
spatia/laravel-cors 模块已安装并尝试
在 bootstrap/app.php 中添加了以下内容:
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: *');
header('Access-Control-Allow-Headers: *');创建 CORS 类文件并添加为中间件
最后还是报同样的错误,我该怎么办?
编辑 :
为什么它会自动将请求重定向到 https 而不是 http。哪里出了问题?请求 url 应该是http://test.com/api/test,而不是https://test.com/api/test
提前致谢 !
呼啦一阵风浏览 450回答 5
5回答
-
弑天下
我正在使用 Laravel 8检查配置/cors.php将路径数组更改为 * ('paths' => ['*']) -
偶然的你
我也遇到了同样的问题,通过中间件解决了定义您的自定义中间件//App\Http\Middleware;public function handle($request, Closure $next){ return $next($request) ->header('Access-Control-Allow-Origin', '*') ->header('Access-Control-Allow-Methods', '*') ->header('Access-Control-Allow-Credentials', true) ->header('Access-Control-Allow-Headers', 'X-Requested-With,Content-Type,X-Token-Auth,Authorization') ->header('Accept', 'application/json');}不仅仅是注册您的中间件,本地(针对特定路线)或全局。 -
蓝山帝景
这对我来说工作:php artisan make:middleware OwnCors创建的中间件代码:<?phpnamespace App\Http\Middleware;use Closure;use Illuminate\Http\Request;class OwnCors{ /** * Handle an incoming request. * * @param \Illuminate\Http\Request $request * @param \Closure $next * @return mixed */ public function handle(Request $request, Closure $next) { header("Access-Control-Allow-Origin: *"); $headers = [ 'Access-Control-Allow-Methods' => 'POST, GET, OPTIONS, PUT, DELETE', 'Access-Control-Allow-Headers' => 'Content-Type, X-Auth-Token, Origin, Authorization' ]; if ($request->getMethod() == "OPTIONS") { return response('OK') ->withHeaders($headers); } $response = $next($request); foreach ($headers as $key => $value) $response->header($key, $value); return $response; }}将中间件添加到您的 App\Http\Kernel.php 中 protected $middleware = [ \App\Http\Middleware\OwnCors::class, // Others middlewares]; -
子衿沉夜
对于 Laravel 8就我而言,我添加了需要访问资源的源。// config/cors.php// add a path to the resource here if you want it accessible to external origins// for example no need to explicitly tell allowed origins// what origins should gain access to api/* routes'paths' => ['api/*', 'sanctum/csrf-cookie'],'allowed_methods' => ['*'],// explicitly tell which origins needs access to the resource'allowed_origins' => ['*', 'https://mywebsite.com', 'http://mywebsite.com'],// or use regex pattern, helpful if you want to grant// access to origins with certain pattern (i.e. an origin under a subdomain etc.)'allowed_origins_patterns' => ['/https?:\/\/mywebsite\.com\/?\z/'],// no changes made below'allowed_headers' => ['*'],'exposed_headers' => [],'max_age' => 0,'supports_credentials' => false,php artisan optimize另外,如果您正在缓存配置,请不要忘记运行。 -
叮当猫咪
如果您正在开发 Outlook 插件,您需要检查的事项:检查您是否已在 manifest.xml 中包含域名,在我的情况下,我需要包含https://test.com以包含在 <AppDomain> 标记中。您的域名应该有 ssl 证书。(即)outlook 允许您仅通过 https 请求。
随时随地看视频慕课网APP
PHP