Cors在此api中工作用户/postjob/store api中的登录问题我在angular中添加Cors true解决了此问题。几天后,我再次调用此api,同样的错误也会发生
无法加载XMLHttpRequesthttp://192.168.10.5/jobpost1/public/api/job.对飞行前请求的响应未通过访问控制检查:请求的资源上不存在“访问控制允许来源”标头。起源'http://localhost:9001因此,不允许访问。
Routes.php
Route::group(['prefix' => 'api'], function () {
Route::post('users/login', array('middleware' => 'Cors', 'uses' => 'Auth\AuthController@login'));
});`
Route::group(['prefix'=>'api'], function()
{
Route::group(['middleware'=>'jwt-auth'], function ()
{
Route::post('postjob/store', array('middleware' => 'Cors', 'uses'=> 'PostController@store'));
});
});
Cors.php
class Cors
{
public function handle($request, Closure $next)
{
// ALLOW OPTIONS METHOD
$headers = [
'Access-Control-Allow-Origin'=> '*',
'Access-Control-Allow-Methods'=> 'POST, GET, OPTIONS, PUT, DELETE',
'Access-Control-Allow-Headers'=> 'Content-Type, X-Auth-Token, Origin',
'Access-Control-Allow-Credentials' => 'true'
];
if($request->getMethod() == "OPTIONS") {
// The client-side application can set only headers allowed in Access-Control-Allow-Headers
return Response::make('OK', 200, $headers);
}
$response = $next($request);
foreach($headers as $key => $value)
$response->header($key, $value);
return $response;
}
角码
return $http({
method: 'POST',
url: 'http://192.168.10.4/jobpost1/public/api/job',
cors: true,
xhrFields: {
withCredentials: true
},
params: {
"token" :token,
"user_id": userId,
"job_shift": job_shift,
"job_type": job_type,
"job_description":job_description,
"degree_title": degree_title,
"city": city,
"experience": experience,
"career_level": career_level,
"gender":gender,
"total_position": total_position,
"minimum_edu":minimum_edu,
"apply_before": apply_before
}
}).then(function successCallback(response, status) {
callback(response, status);
debugger;
}
, function errorCallback(response, status) {
callback(response, status);
debugger;
});
};
而不是使用Foreach添加标头:
foreach($headers as $key => $value)
$response->header($key, $value);
试一试:
$response->headers->add($headers);
