Laravel 5.7 No 'Access-Control-Allow-Origin' header is present on the request resource
前后端项目跨域访问时会遇到此问题,解决方法如下:
创建一个中间件
php artisan make:middleware EnableCrossRequestMiddleware
该中间件的文件路径为:app/Http/Middleware/EnableCrossRequestMiddleware.php
中间件 EnableCrossRequestMiddleware 内容如下:
<?php
/**
* 跨域设置
*/
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Response;
class EnableCrossRequestMiddleware
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$response = $next($request);
$origin = $request->server('HTTP_ORIGIN') ? $request->server('HTTP_ORIGIN') : '';
$allow_origin = config('origin.allowed');
if (in_array($origin, $allow_origin)) {
$response->header('Access-Control-Allow-Origin', $origin);
$response->header('Access-Control-Allow-Headers', 'Origin, Content-Type, Cookie, X-CSRF-TOKEN, Accept, Authorization, X-XSRF-TOKEN');
$response->header('Access-Control-Expose-Headers', 'Authorization, authenticated');
$response->header('Access-Control-Allow-Methods', 'GET, POST, PATCH, PUT, OPTIONS');
$response->header('Access-Control-Allow-Credentials', 'true');
}
return $response;
}
}
在 app/Http/Kernal.php 文件中将其注册为全局中间件
namespace App\Http;
use App\Http\Middleware\AuthenticateMain;
use App\Http\Middleware\AuthenticateSeller;
use App\Http\Middleware\AuthenticateUser;
use Illuminate\Foundation\Http\Kernel as HttpKernel;
class Kernel extends HttpKernel
{
/**
* The application's global HTTP middleware stack.
*
* These middleware are run during every request to your application.
*
* @var array
*/
protected $middleware = [
\App\Http\Middleware\CheckForMaintenanceMode::class,
\Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
\App\Http\Middleware\TrimStrings::class,
\Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
\App\Http\Middleware\TrustProxies::class,
\App\Http\Middleware\EnableCrossRequestMiddleware::class, // 添加这一行将其注册为全局中间件
];
}
增加配置文件app/config/origin.php,内容为允许的域名
<?php
return [
'allowed' => [
'http://test.example.com',
'http://test-fe.example.com:8080'
]
];
PS - 个人博客原文:Laravel 5.7 No 'Access-Control-Allow-Origin' header is present on the request resource
Laravel 5.7 No 'Access-Control-Allow-Origin' header is present on the request resource的更多相关文章
- Access control allow origin 简单请求和复杂请求
原文地址:http://blog.csdn.net/wangjun5159/article/details/49096445 错误信息: XMLHttpRequest cannot load http ...
- WCF REST开启Cors 解决 No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost' is therefore not allowed access. The response had HTTP status code 405.
现象: 编写了REST接口: [ServiceContract] public interface IService1 { [OperationContract] [WebInvoke(UriTemp ...
- Failed to load http://wantTOgo.com/get_sts_token/: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://fromHere.com' is therefore not allowed access.
Failed to load http://wantTOgo.com/get_sts_token/: No 'Access-Control-Allow-Origin' header is presen ...
- java、ajax 跨域请求解决方案('Access-Control-Allow-Origin' header is present on the requested resource. Origin '请求源' is therefore not allowed access.)
1.情景展示 ajax调取java服务器请求报错 报错信息如下: 'Access-Control-Allow-Origin' header is present on the requested ...
- 跨域问题解决----NO 'Access-Control-Allow-Origin' header is present on the requested resource.Origin'http://localhost:11000' is therfore not allowed access'
NO 'Access-Control-Allow-Origin' header is present on the requested resource.Origin'http://localhost ...
- has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
前端显示: has been blocked by CORS policy: Response to preflight request doesn't pass access control che ...
- .Net Core 处理跨域问题Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource
网页请求报错: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Or ...
- 解决js ajax跨越请求 Access control allow origin 异常
// 解决跨越请求的问题 response.setHeader("Access-Control-Allow-Origin", "*");
- No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'null' is therefore not allowed access.
一.什么是跨域访问 举个栗子:在A网站中,我们希望使用Ajax来获得B网站中的特定内容.如果A网站与B网站不在同一个域中,那么就出现了跨域访问问题.你可以理解为两个域名之间不能跨过域名来发送请求或者请 ...
随机推荐
- C++ Primer学习笔记(二)
题外话:一工作起来就没有大段的时间学习了,如何充分利用碎片时间是个好问题. 接 C++ Primer学习笔记(一) 27.与 vector 类型相比,数组的显著缺陷在于:数组的长度是固定的,无法 ...
- e662. 取的图像的色彩模型
// This method returns the color model of an image public static ColorModel getColorModel(Image imag ...
- (转)S5PV210 三个Camera Interface/CAMIF/FIMC的区别
原文出处:http://blog.csdn.net/kickxxx/article/details/7728947 S5PV210有三个CAMIF单元,分别为CAMIF0 CAMIF1和CAMIF2. ...
- linux -- 服务开机自启动
好吧,最近需要用到开机启动服务,百度了一下,几乎都是一个版本,然后之间各种传递.我也抄个 ******************************************************* ...
- xss过滤函数
XSS是一种经常出现在web应用中的计算机安全漏洞,它允许恶意web用户将代码植入到提供给其它用户使用的页面中. 比如这些代码包括HTML代码和客户端脚本. function remove_xss($ ...
- WiFi(网络)调试Android手机
手机需要root 使用adb tcpip命令开启网络调试功能,一旦手机重启,又要重复这些步骤,比较麻烦. 一劳永逸的方法是,使用re管理器(给予root权限)在手机的/system/build.pro ...
- hadoop中文官网
http://hadoop.apache.org/docs/r1.0.4/cn/hdfs_shell.html
- apache Storm学习之三-消息可靠性
4.1 简介 storm可以确保spout发送出来的每个消息都会被完整的处理.本章将会描述storm体系是如何达到这个目标的,并将会详述开发者应该如何使用storm的这些机制来实现数据的可靠处理. 4 ...
- develop brew app from here
https://brewx.qualcomm.com/brew/sdk/download.jsp?page=dx/en/brew31/ad/tl/overview the email is silen ...
- How to Setup Cordova for Windows 7
Setup Cordova Text Editor / IDE You may need to prepare an IDE or Editor for working. Here for examp ...