Laravel 4 API不允许来自外部站点的POST请求

克莱·艾伦

我试图通过从外部站点到我的Laravel 4 API的POST请求创建用户。我已将以下代码添加到我的app / filters.php文件中:

App::before(function($request)
{
    if ($_SERVER['REQUEST_METHOD'] === 'OPTIONS') {

        header('Access-Control-Allow-Origin', 'http://www.myexternalsite.net');
        header('Allow', 'GET, POST, OPTIONS, PUT, DELETE');
        header('Access-Control-Allow-Headers', 'Origin, Content-Type, Accept, Authorization, X-Request-With');
        header('Access-Control-Allow-Credentials', 'true');

        exit;
    }
});

App::after(function($request, $response)
{
    $response->headers->set('Access-Control-Allow-Origin', 'http://www.myexternalsite.net');
    $response->headers->set('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');
    $response->headers->set('Access-Control-Allow-Headers', 'Origin, Content-Type, Accept, Authorization, X-Requested-With');
    $response->headers->set('Access-Control-Allow-Credentials', 'true');
    $response->headers->set('Access-Control-Max-Age','86400');
    return $response;
});

当我对来自http://www.myexternalsite.net的POST请求运行开发工具时,收到以下警告消息:

event.returnValue is deprecated. Please use the standard event.preventDefault() instead. main-built.js:6

以及以下错误消息:

OPTIONS http://api.mywebsite.com/users 500 (Internal Server Error) main-built.js:7
OPTIONS http://api.mywebsite.com/users No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://www.myexternalsite.net' is therefore not allowed access. main-built.js:7

我想念什么吗?

迈克·布兰特(Mike Brant)

第一个错误严格是客户端javascript错误。错误描述的含义与所说的完全一样。您应该适当地更新您的js。

第二组错误消息可能与以下事实有关:您正在对JavaScript文件进行跨域请求,而该请求不受PHP发送的标头的约束。您将需要在Web服务器上为此类端点配置CORS

本文收集自互联网,转载请注明来源。

如有侵权,请联系 [email protected] 删除。

编辑于
0

我来说两句

0 条评论
登录 后参与评论

相关文章