2
我正在使用Laravel 5.1开发RESTful API。我的终端在邮差上正常工作。但是当我将它与前端集成时,它正在跟踪错误。laravel 5.1 restFull api的访问控制源
XMLHttpRequest无法加载 http://ideahubapi.dev/api/v1/users/register。
请求的 资源上不存在“Access-Control-Allow-Origin”标头。
原因'http://ideahubfront.dev'因此不允许 访问。
响应的HTTP状态码为500.
我试过下面的方法。 (1)创建核心中间件。
<?php
namespace App\Http\Middleware;
use Closure;
class Cors
{
public function handle($request, Closure $next)
{
return $next($request)
->header('Access-Control-Allow-Origin', '*')
->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
->header('Access-Control-Allow-Headers', 'Content-Type, Accept, Authorization, X-Requested-With');
}
}
把它添加到kernal.php
<?php
namespace App\Http;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
class Kernel extends HttpKernel
{
/**
* The application's global HTTP middleware stack.
*
* @var array
*/
protected $middleware = [
\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
\Illuminate\Session\Middleware\StartSession::class,
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
\App\Http\Middleware\VerifyCsrfToken::class,
\App\Http\Middleware\Cors::class,
];
/**
* The application's route middleware.
*
* @var array
*/
protected $routeMiddleware = [
'web' => \App\Http\Middleware\VerifyCsrfToken::class,
'cors' => \App\Http\Middleware\Cors::class,
'auth' => \App\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
];
}
,并routes.php文件
Route::group(['middleware' => ['web', 'core'], 'prefix' => 'api/v1'], function(){
// get single user by user id
Route::get('getuserbyid/{user_id}', '[email protected]');
Route::post('users/register', '[email protected]');
});
之后选择请求工作。但发布请求仍然相同。
(2)为控制器手动添加标题。喜欢这个。
return response()->json([$user, $merchant], 200)
->header('Access-Control-Allow-Origin', '*')
->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS')
->header('Access-Control-Allow-Headers', 'Cache-Control, Connection, Date, Server, Content-Type, User-Agent, Accept, Referer, Authorization,Origin, Accept-Encoding, Content-Length, Host, Connection, X-Requested-With');
没有运气。伙计们,请帮助我。我为此渴望死亡。我的客户希望看到注册。我坚持这一点。
中间件在'routes.php'指定应该是相同的内核。改变这个'['middleware'=> ['web','cors']' – xmhafiz
非常感谢。之前我没有注意到。 –