php 在 codeigniter 中启用 cors(@chriskacerguis 的 restserver)
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/25702991/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
enabling cors in codeigniter ( restserver by @chriskacerguis )
提问by onerinas
http.get request in agularJs controller works fine when my client app and api are in localhost. when api is moved to server., issue arised.
当我的客户端应用程序和 api 在 localhost 中时,agularJs 控制器中的 http.get 请求工作正常。当 api 移动到服务器时,出现了问题。
client side using angularJs
客户端使用 angularJs
$http.get('http://domain.com/api/spots/2/0').success(function(datas){
console.log(datas);
});
log gives: Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://domain.com/api/spots/2/0. This can be fixed by moving the resource to the same domain or enabling CORS.
日志给出:跨域请求被阻止:同源策略不允许在http://domain.com/api/spots/2/0读取远程资源。这可以通过将资源移动到同一域或启用 CORS 来解决。
i have added these two lines to my controller construct
我已将这两行添加到我的控制器构造中
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Methods: GET");
still same error.
还是一样的错误。
回答by Ross
Try adding OPTIONSto the allowed methods.
尝试添加OPTIONS到允许的方法。
header("Access-Control-Allow-Methods: GET, OPTIONS");
header("Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding");
and return immediately when the request is method 'OPTIONS' once you have set the headers.
设置标题后,当请求是方法“OPTIONS”时立即返回。
if ( "OPTIONS" === $_SERVER['REQUEST_METHOD'] ) {
die();
}
See also this answer.
另请参阅此答案。
Angular sends a W3C CORS spec compliant preflight requestthat will check for the right allowed methods before actually attempting it.
Angular 发送一个符合 W3C CORS 规范的预检请求,该请求将在实际尝试之前检查正确的允许方法。
Personally, I find the Mozilla Developer Network CORS pagea bit easier to read on the matter to help understand the flow of CORS.
就我个人而言,我发现Mozilla 开发者网络 CORS 页面在这方面更容易阅读,以帮助理解 CORS 的流程。
回答by Amal Ajith
If anyone else is facing the issue, enabling CORS in rest.php file of Codeigniter REST Controller worked for me. This is also clearly documented in comments here https://github.com/chriskacerguis/codeigniter-restserver/blob/master/application/config/rest.php
如果其他人遇到这个问题,在 Codeigniter REST Controller 的 rest.php 文件中启用 CORS 对我有用。这也清楚地记录在此处的评论中https://github.com/chriskacerguis/codeigniter-restserver/blob/master/application/config/rest.php
//Change this to TRUE
$config['check_cors'] = TRUE;
//No change here
$config['allowed_cors_headers'] = [
'Origin',
'X-Requested-With',
'Content-Type',
'Accept',
'Access-Control-Request-Method'
];
//No change here
$config['allowed_cors_methods'] = [
'GET',
'POST',
'OPTIONS',
'PUT',
'PATCH',
'DELETE'
];
//Set to TRUE to enable Cross-Origin Resource Sharing (CORS) from any source domain
$config['allow_any_cors_domain'] = TRUE;
//Used if $config['check_cors'] is set to TRUE and $config['allow_any_cors_domain'] is set to FALSE.
//Set all the allowable domains within the array
//e.g. $config['allowed_origins'] =['http://www.example.com','https://spa.example.com']
$config['allowed_cors_origins'] = [];
回答by muTheTechie
I've added the following constructor in my controller class
我在控制器类中添加了以下构造函数
public function __construct($config = 'rest')
{
header('Access-Control-Allow-Origin: *');
header("Access-Control-Allow-Methods: GET, POST, OPTIONS, PUT, DELETE");
parent::__construct();
}
回答by Alonso
Client side => AngularJs (running with Grunt in localhost:9000) Server side => php (codeIgniter solution) (running in localhost:80)
客户端 => AngularJs(在 localhost:9000 中使用 Grunt 运行)服务器端 => php(codeIgniter 解决方案)(在 localhost:80 中运行)
The only thing that worked for me was to add this lines into the webservices controller in my php project:
唯一对我有用的是将此行添加到我的 php 项目中的 webservices 控制器中:
/*
here you do whatever you do to build the $data
*/
//but just before returning the method data add this
header('Content-type: application/json');
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Methods: GET");
header("Access-Control-Allow-Methods: GET, OPTIONS");
header("Access-Control-Allow-Headers: Content-Type, Content-Length, Accept-Encoding");
echo json_encode($data, JSON_NUMERIC_CHECK);
回答by Sizzling Code
if you can use jQuery Ajax, then use this line in your script.
如果您可以使用 jQuery Ajax,那么在您的脚本中使用这一行。
jQuery.support.cors = true; // force cross-site scripting (as of jQuery 1.5)
it solved the problem for me when i tried to post some string using jQuery Ajax from sidebar desktop gadget to the xampp php file.
当我尝试使用 jQuery Ajax 从侧边栏桌面小工具向 xampp php 文件发布一些字符串时,它为我解决了这个问题。
回答by MuturiAlex
To add to the answer by @amal-ajith headers should be added in the rest.php file. For example I needed to add my authorization token for Ionic 4 app api calls/requests and all I needed to do was add the header field the rest.php file and my cors error was taken care of.
要通过@amal-ajith 添加到答案中,应在 rest.php 文件中添加标题。例如,我需要为 Ionic 4 应用程序 api 调用/请求添加我的授权令牌,我需要做的就是在 rest.php 文件中添加标头字段,并处理我的 cors 错误。
Access to XMLHttpRequest at 'http://localhost/ci/index.php/api/validate_token' from origin 'http://localhost:8100' has been blocked by CORS policy: Request header field authorization is not allowed by Access-Control-Allow-Headers in preflight response.
//No change here
$config['allowed_cors_headers'] = [
'Origin',
'X-Requested-With',
'Content-Type',
'Accept',
'Access-Control-Request-Method',
'Authorization'
];
