laravelʵÏÖ¿çÓò»á¼û
ÔÚÏÖ´úµÄwebÓ¦ÓóÌÐòÖУ¬¿çÓò×ÊÔ´¹²Ïí£¨cors£©ÒѾ³ÉΪһÏî»ù±¾¹¦Ð§¡£¶øÔÚʹÓÃlaravel¿ò¼Ü¿ª·¢webÓ¦ÓóÌÐòʱ£¬ÎÒÃÇÒ²¾³£»áÓöµ½ÐèҪʵÏÖ¿çÓò»á¼ûµÄÇéÐΡ£±¾ÎĽ«ÏÈÈÝÔõÑùʹÓÃlaravel¿ò¼ÜÀ´ÊµÏÖ¿çÓò×ÊÔ´¹²Ïí£¬ÒÔ±ãÓÚÎÒÃÇ¿ª·¢³öÔ½·¢ÎÞаºÍ¸ßЧµÄwebÓ¦ÓóÌÐò¡£
ʲôÊÇ¿çÓò×ÊÔ´¹²Ïí£¿
ÔÚWeb¿ª·¢ÖУ¬¿çÓò×ÊÔ´¹²Ïí£¨CORS£©ÊÇÖ¸ÔÚÒ»¸öÍøÕ¾µÄÒ³ÃæÖÐʹÓÃÁíÒ»¸öÍøÕ¾µÄ×ÊÔ´¡£ÀýÈ磬һ¸öÍøÕ¾£¨AÍøÕ¾£©ÖÐʹÓÃÁíÒ»¸öÍøÕ¾£¨BÍøÕ¾£©µÄAPI½Ó¿Ú£¬»ñÈ¡Êý¾ÝµÈµÈ¡£ÓÉÓÚä¯ÀÀÆ÷µÄͬԴսÂÔ£¨Same-Origin Policy£©£¬Ö±½ÓʹÓÃÁíÒ»¸öÍøÕ¾µÄ×ÊÔ´ÊDz»±»ÔÊÐíµÄ¡£ÔÚÕâÖÖÇéÐÎÏ£¬ÎÒÃÇÐèҪʹÓÿçÓò×ÊÔ´¹²ÏíÀ´Èòî±ðÓòÖ®¼äµÄÊý¾Ý¾ÙÐн»»¥¡£
LaravelÔõÑùʵÏÖ¿çÓò»á¼û£¿
Laravel¿ò¼ÜÌṩÁËÐí¶àÊÊÓõÄÖÐÑë¼þ£¬ËüÃÇ¿ÉÒÔÇáËɵØʵÏÖ¿çÓò»á¼û¡£ÏÂÃæÎÒÃǽ«ÏÈÈÝÁ½ÖÖʵÏÖ·½·¨¡£
µÚÒ»ÖÖʵÏÖ·½·¨£ºÊ¹ÓÃLaravelµÄCORSÖÐÑë¼þ
Ê×ÏÈÐèÒªÒýÈëÒ»¸öµÚÈý·½CORSÖÐÑë¼þ°ü£¬ÎÒÃÇ¿ÉÒÔʹÓÃlaravel-corsÕâ¸ö°ü£¬Ïêϸ°ì·¨ÈçÏ£º
×°ÖÃlaravel-cors°ü
composer require barryvdh/laravel-cors
µÇ¼ºó¸´ÖÆ
×¢²áÖÐÑë¼þ
ÔÚappHttpKernel.phpÎļþÖÐ ×¢²áÖÐÑë¼þ£º
protected $middleware = [ // Other middlewares BarryvdhCorsHandleCors::class, ];
µÇ¼ºó¸´ÖÆ
ÉèÖÃCORS²ÎÊý
½Ó×ÅÔÚconfig/cors.phpÎļþÖÐÉèÖÿçÓò²ÎÊý£¬ÈçÏÂËùʾ£º
<?php return [ 'paths' => [ 'api/*', '/*' ], 'allowed_methods' => [ 'GET', 'POST', 'PUT', 'DELETE', 'OPTIONS', ], 'allowed_origins' => [ '*', ], 'allowed_origins_patterns' => [], 'allowed_headers' => [ 'Content-Type', 'X-Requested-With', 'Authorization', 'Accept', 'Origin', ], 'exposed_headers' => [], 'max_age' => 0, 'supports_credentials' => true, ];
µÇ¼ºó¸´ÖÆ
ÒÔÉÏ´úÂëÖУ¬pathsÊôÐÔ½ç˵ÁËÐèÒªÖ§³Ö¿çÓòµÄAPI·¾¶£¬allowed_methodsÊôÐÔ½ç˵ÁËÔÊÐí¿çÓòµÄHTTPÒªÁ죬allowed_originsÊôÐÔ½ç˵ÁËÔÊÐí¿çÓòµÄȪԴ£¨*ÌåÏÖËùÓÐȪԴ£©£¬allowed_headersÊôÐÔ½ç˵ÁËÔÊÐí¿çÓò´«ÊäµÄÇëÇóÍ·¡£
µÚ¶þÖÖʵÏÖ·½·¨£ºÊ¹ÓÃLaravelµÄmiddleware
ͨ¹ý×Ô½ç˵LaravelÖÐÑë¼þÀ´ÊµÏÖ¿çÓò»á¼ûÒ²ÊÇÒ»ÖÖ²»´íµÄÑ¡Ôñ¡£ÔÚÕâÖÖ·½·¨Ï£¬ÎÒÃÇÐèÒª×Ô¼º±àдһ¸öLaravelÖÐÑë¼þÀ´´¦Àí¿çÓò»á¼ûÇëÇó¡£ÏÂÃæÊÇÒ»¸ö»ù±¾µÄʵÏÖʾÀý£º
½¨Éè¿çÓòÖÐÑë¼þ
Ê×ÏÈ£¬ÎÒÃÇÐèÒªÔÚapp/Http/MiddlewareĿ¼Ï½¨ÉèÒ»¸öCorsMiddleware.phpÎļþ£¬ÎļþÄÚÈÝÈçÏ£º
<?php namespace AppHttpMiddleware; use Closure; class CorsMiddleware { public function handle($request, Closure $next) { $response = $next($request); $response->header('Access-Control-Allow-Origin', '*') ->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS') ->header('Access-Control-Allow-Headers', 'X-Requested-With, Content-Type, Authorization'); return $response; } }
µÇ¼ºó¸´ÖÆ
ÒÔÉÏ´úÂëÖеÄhandleÒªÁì¿ÉÒÔÔÚÿ¸öÇëÇóµ½À´Ê±Ö´ÐУ¬Í¨¹ýÉèÖÃÏìӦͷ²¿µÄ·½·¨À´ÔÊÐí¿çÓò»á¼û¡£
×¢²á¿çÓòÖÐÑë¼þ
½Ó×ÅÎÒÃÇÐèÒª½«CorsMiddleware×¢²áµ½Laravel¿ò¼ÜÖУ¬ÒÔ±ãÓÚʹÓá£ÔÚapp/Http/Kernel.phpÎļþÖÐÌí¼ÓÈçÏ´úÂ룺
protected $routeMiddleware = [ // Other middleware 'cors' => AppHttpMiddlewareCorsMiddleware::class, ];
µÇ¼ºó¸´ÖÆ
ÒÔÉÏ´úÂëÖеÄCorsMiddleware::class¾ÍÊÇÎÒÃÇ×Ô½ç˵µÄCorsMiddlewareÖÐÑë¼þ£¬ÔÚÕâÀï×¢²áºó¾Í¿ÉÒÔÔÚ³ÌÐòÖÐʹÓÃÁË¡£
ʹÓÿçÓòÖÐÑë¼þ
ÔÚÐèÒªÖ§³Ö¿çÓòµÄ¿ØÖÆÆ÷»ò·ÓÉÖУ¬Ê¹ÓÃÒѾע²áºÃµÄCorsMiddleware£¬ÀýÈ磺
Route::group(['middleware' => ['cors']], function () { // ÕâÀï¿ÉÒÔÌí¼Ó¿çÓòAPI });
µÇ¼ºó¸´ÖÆ
µ½ÕâÀÎÒÃÇÒѾÀֳɵØͨ¹ýÁ½ÖÖ·½·¨À´ÊµÏÖÁËLaravel¿ò¼ÜϵĿçÓò»á¼û¡£ÔÚÏÖʵ¿ª·¢ÖУ¬ÎÒÃÇ¿ÉÒÔƾ֤ÏêϸÐèÇóÑ¡ÔñÊʺÏ×Ô¼ºµÄ·½·¨À´ÊµÏÖ¿çÓò»á¼û£¬ÈÃÎÒÃǵÄWebÓ¦ÓóÌÐòÔ½·¢ÎÞаºÍ¸ßЧ¡£
ÒÔÉϾÍÊÇlaravelʵÏÖ¿çÓò»á¼ûµÄÏêϸÄÚÈÝ£¬¸ü¶àÇë¹Ø×¢±¾ÍøÄÚÆäËüÏà¹ØÎÄÕ£¡