php – Yii2 cors过滤器错误,不存在“访问控制允许原点”头

发布时间：2020-12-13 17:36:35 所属栏目：PHP教程来源：网络整理

导读：在 This question之后,我设置了我的休息控制器行为 public function behaviors(){ $behaviors = parent::behaviors(); $auth= $behaviors['authenticator'] = [ 'class' = HttpBearerAuth::className(),'only' = ['dashboard'],]; $behaviors['contentNegoti

在 This question之后,我设置了我的休息控制器行为

public function behaviors()
{
    $behaviors = parent::behaviors();

    $auth= $behaviors['authenticator'] = [
        'class' => HttpBearerAuth::className(),'only' => ['dashboard'],];
    $behaviors['contentNegotiator'] = [
        'class' => ContentNegotiator::className(),'formats' => [
            'application/json' => Response::FORMAT_JSON,],];
    $acces=$behaviors['access'] = [
        'class' => AccessControl::className(),'only' => ['login'],'rules' => [
            [
                'actions' => ['login'],'allow' => true,'roles' => ['?'],];

    unset($behaviors['authenticator']);
    unset($behaviors['access']);

而现在的cors过滤器

// add CORS filter
    $behaviors['corsFilter'] = [
        'class' => yiifiltersCors::className(),'cors' => [
        // restrict access to
        'Access-Control-Allow-Origin' => ['*'],'Access-Control-Request-Method' => ['GET','POST','PUT','PATCH','DELETE','HEAD','OPTIONS'],// Allow only POST and PUT methods
        'Access-Control-Request-Headers' => ['*'],// Allow only headers 'X-Wsse'
        'Access-Control-Allow-Credentials' => true,// Allow OPTIONS caching
        'Access-Control-Max-Age' => 86400,// Allow the X-Pagination-Current-Page header to be exposed to the browser.
        'Access-Control-Expose-Headers' => [],]
    ];

    // re-add authentication filter
    $behaviors['authenticator'] = $auth;
       $behaviors['access'] = $access;
    // avoid authentication on CORS-pre-flight requests (HTTP OPTIONS method)
    $behaviors['authenticator']['except'] = ['options'];
    return $behaviors;
}

我的角度2前端as

const body = JSON.stringify(user);
let headers = new Headers();
headers.append('Content-Type','application/x-www-form-urlencoded');
headers.append('Content-Type','application/json');
headers.append('Access-Control-Allow-Credentials',"*");
return this._http.post(this.loginUrl,body,{ headers:headers })
  .map((response: Response) => {
     //process response
  })
.catch(this.handleError);

但我仍然收到错误

Response to preflight request doesn't pass access control check: No
 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 
 'http://localhost:3000' is therefore not allowed access.

什么可能是错误的,因为ive设置cii过滤器在yii2行为未设置认证器,并在以后添加
我能错过什么？

我也检查了This link和this one
但没有一个解决问题

尝试这个：

public static function allowedDomains()
{
    return [
        // '*',// star allows all domains
        'http://localhost:3000','http://test2.example.com',];
}  



public function behaviors()
    {
        return array_merge(parent::behaviors(),[

            // For cross-domain AJAX request
            'corsFilter'  => [
                'class' => yiifiltersCors::className(),'cors'  => [
                    // restrict access to domains:
                    'Origin'                           => static::allowedDomains(),'Access-Control-Request-Method'    => ['POST'],'Access-Control-Allow-Credentials' => true,'Access-Control-Max-Age'           => 3600,// Cache (seconds)

                ],]);
    }

在您的控制器上添加此功能.

和一个角度2使用OPTION方法在第一次为了允许OPTION方法也

（编辑：李大同）

【声明】本站内容均来自网络，其相关言论仅代表作者个人观点，不代表本站立场。若无意侵犯到您的权利，请及时与联系站长删除相关内容!