jQuery 在 JSON API Wordpress 上启用 CORS
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/25702061/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Enable CORS on JSON API Wordpress
提问by Mario Sanchez Maselli
I have this wordpress site with a plugin called JSON API. This plugin provides a JSON format for the content that is in the wordpress. I was able to enable CORS on the wordpress by adding header("Access-Control-Allow-Origin: *"); on the php header. But when I tried the url that the JSON API plugin provides the CORS does not work anymore.
我有一个带有名为 JSON API 的插件的 wordpress 站点。此插件为 wordpress 中的内容提供 JSON 格式。我能够通过添加 header("Access-Control-Allow-Origin: *"); 在 wordpress 上启用 CORS;在 php 标头上。但是当我尝试 JSON API 插件提供的 url 时,CORS 不再起作用。
This is the wordpress site were I'm doing the tests... I used the test cors website to check if it was working and it is... http://kiwa-app.loading.net/
这是我正在做测试的 wordpress 网站...我使用测试 cors 网站来检查它是否正常工作,它是... http://kiwa-app.loading.net/
But when I try with the url that the JSON api provides me, is not working anymore. I'm still have the error No 'Access-Control-Allow-Origin' http://kiwa-app.loading.net/?json=info
但是当我尝试使用 JSON api 提供给我的 url 时,它不再工作了。我仍然有错误 No 'Access-Control-Allow-Origin' http://kiwa-app.loading.net/?json=info
I will apreciate some help thanks!!!
我会感谢一些帮助谢谢!!!
采纳答案by Mario Sanchez Maselli
Ok I finally figured out an easy way...
好吧,我终于想出了一个简单的方法......
You just have to add:
你只需要添加:
<? header("Access-Control-Allow-Origin: *"); ?>
On the file api.php, this file is located in wp-content/plugins/json-api/singletons/api.php
在文件 api.php 上,该文件位于 wp-content/plugins/json-api/singletons/api.php
I hope it helps more people with the same problem!
希望能帮到更多有同样问题的人!
回答by sheriffderek
I've used a few different WordPress API's - but for those of you using the 'official' WP-API, I had much trouble with this CORS --- and what I found was that between the .htaccess approachand a few others I stumbled upon... adding this to your theme functions.php worked best.
我使用了一些不同的 WordPress API - 但是对于那些使用“官方” WP-API 的人来说,我在这个 CORS 上遇到了很多麻烦 --- 我发现这是在 .htaccess 方法和其他一些我之间偶然发现... 将此添加到您的主题functions.php 效果最佳。
function add_cors_http_header(){
header("Access-Control-Allow-Origin: *");
}
add_action('init','add_cors_http_header');
Be sure not to use any combinations of these ( .htaccess, header.php, api.php, functions.php ) as it will be angry at you.
确保不要使用这些(.htaccess、header.php、api.php、functions.php)的任何组合,因为它会生你的气。
回答by brasofilo
Before the response is sent to the browser, we can run two action hooksand insert a new header():
在响应发送到浏览器之前,我们可以运行两个动作钩子并插入一个新的header():
do_action("json_api", $controller, $method);
do_action("json_api-{$controller}-$method");
The first one runs on every method, and the second one is to target specific methods. Here's an implementation of the first one, with a commented way to find the second:
第一个在每个方法上运行,第二个是针对特定方法。这是第一个的实现,用注释的方式找到第二个:
add_action( 'json_api', function( $controller, $method )
{
# DEBUG
// wp_die( "To target only this method use <pre><code>add_action('$controller-$method', function(){ /*YOUR-STUFF*/ });</code></pre>" );
header( "Access-Control-Allow-Origin: *" );
}, 10, 2 );
回答by Grant
Using Wordpress 5.2.3 - whilst using GET and POST externally, the following finally opened sesame for me. I tried all of the answers above (to no avail) before finding this solution that worked for my case.
使用 Wordpress 5.2.3 - 在外部使用 GET 和 POST 时,以下最终为我打开了芝麻。在找到适用于我的案例的解决方案之前,我尝试了上述所有答案(无济于事)。
add_action( 'rest_api_init', function () {
add_action( 'rest_pre_serve_request', function () {
header( 'Access-Control-Allow-Headers: Authorization, Content-Type, X-WP-Wpml-Language', true );
header("Access-Control-Allow-Origin: *");
} );
}, 15 );
Hopefully WordPress will have an official doggy door-flap for CORS control in the future.
希望 WordPress 将来会有一个官方的小狗门襟用于 CORS 控制。
回答by Sudar
Now that REST API is merged with core, we can use the rest_api_initaction.
现在 REST API 已与核心合并,我们可以使用该rest_api_init操作。
add_action( 'rest_api_init', function()
{
header( "Access-Control-Allow-Origin: *" );
} );
回答by Lance Cleveland
WordPress 5 (4.4+ actually) can handle it via WP Headers:
WordPress 5(实际上是 4.4+)可以通过 WP Headers 处理它:
Try this:
尝试这个:
add_filter( 'wp_headers', 'send_cors_headers', 11, 1 );
function send_cors_headers( $headers ) {
$headers['Access-Control-Allow-Origin'] = $_SERVER[ 'HTTP_ORIGIN' ];
return $headers;
}
Note that this will allow access from ANY source. For security you should try to do something like set an array of allowed domains that can make the request to your WordPress site and short-circuit the allow CORS if the domain making the request is not in the allowed list:
请注意,这将允许从任何来源访问。为了安全起见,您应该尝试执行一些操作,例如设置一组允许的域,这些域可以向您的 WordPress 站点发出请求,如果发出请求的域不在允许列表中,则短接允许 CORS:
add_filter( 'wp_headers', 'send_cors_headers', 11, 1 );
function send_cors_headers( $headers ) {
$allowed_domains = array( 'https://my.okdomain.com' , 'http://anothergoodone.com');
if ( ! in_array( $_SERVER[ 'HTTP_ORIGIN' ] , $allowed_domains ) ) return $headers;
$headers['Access-Control-Allow-Origin'] = $_SERVER[ 'HTTP_ORIGIN' ];
return $headers;
}
回答by Basil Abbas
In wordpress goto plugins > JSON API > Edit
在 wordpress 转到插件 > JSON API > 编辑
From the right hand file selection select
从右侧的文件选择中选择
json-api/singletons/api.php
json-api/singletons/api.php
You will need to add the following line
您将需要添加以下行
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Origin: *");
Your code should look similar to this once done. Adding this line anywhere else might not work as expected.
完成后,您的代码应该与此类似。在其他任何地方添加此行可能无法按预期工作。
<?php
header("Access-Control-Allow-Origin: *");
class JSON_API {
function __construct() {
$this->query = new JSON_API_Query();
$this->introspector = new JSON_API_Introspector();
$this->response = new JSON_API_Response();
add_action('template_redirect', array(&$this, 'template_redirect'));
add_action('admin_menu', array(&$this, 'admin_menu'));
add_action('update_option_json_api_base', array(&$this, 'flush_rewrite_rules'));
add_action('pre_update_option_json_api_controllers', array(&$this, 'update_controllers'));
}
function template_redirect() {
回答by njsokol
For anyone who is having this issue with multiple origins
对于遇到多源问题的任何人
In your server hosting your wordpress site, navigate to ../wp-content/plugins/json-rest-api and from here open the plugin.php file.
在托管 wordpress 站点的服务器中,导航到 ../wp-content/plugins/json-rest-api 并从这里打开 plugin.php 文件。
In this function
在这个函数中
function json_send_cors_headers( $value ) {..}
Change the header
更改标题
header( 'Access-Control-Allow-Origin: ' . esc_url_raw( $origin ) );
To
到
header( 'Access-Control-Allow-Origin: *' );
Hope this helps anyone who was incurring the same issues as I.
希望这可以帮助任何与我遇到相同问题的人。
回答by gui xiao
In WordPress project go to following file and do like this:
在 WordPress 项目中,转到以下文件并执行以下操作:
In wp-includes/rest-api.phpchange:
在wp-includes/rest-api.php变化:
header( 'Access-Control-Allow-Origin: ' . $origin );
to:
到:
header( 'Access-Control-Allow-Origin: *' );
In wp-includes/http.phpchange:
在wp-includes/http.php变化:
header( 'Access-Control-Allow-Origin: ' . $origin );
to:
到:
header( 'Access-Control-Allow-Origin: *' );
回答by Shahbaz Ahmed
The solution works with WordPress 5.1.1 and Gutenberg
该解决方案适用于 WordPress 5.1.1 和 Gutenberg
add_filter('rest_url', function($url) {
$url = str_replace(home_url(), site_url(), $url);
return $url;
});
