Nginx跨域处理
1:nginx服务端配置:
方便复制:
#add_header ‘Access-Control-Allow-Origin’ ‘$http_origin’;
#add_header ‘Access-Control-Allow-Credentials’ ‘true’;
#add_header ‘Access-Control-Allow-Methods’ ‘GET,POST,DELETE,PUT,OPTIONS’;
#add_header ‘Access-Control-Allow-Headers’ ‘DNT,web-token,x-secret-key,app-token,Authorization,Accept,Origin,Keep-Alive,User-Agent,X-Mx-ReqToken,X-Data-Type,X-Auth-Token,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range’;
#add_header ‘Access-Control-Expose-Headers’ ‘Content-Length,Content-Range’;
后端laravel的处理方式:
1:建一个中间件:
php artisan make:middleware EnableCrossRequestMiddleware
2:中间件的内容,主要增加允许的域名url
<?php
namespace App\Http\Middleware;
use App\Platform;
use Closure;
class EnableCrossRequestMiddleware
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$response = $next($request);
$origin = $request->server(‘HTTP_ORIGIN’) ? $request->server(‘HTTP_ORIGIN’) : ”;
$allow_origin = Platform::whereNotNull(‘platform_url’)->where(‘platform_url’,’!=’,”)->where(‘platform_url’,$origin)->first();
if ($allow_origin) {
$response->headers->add([‘Access-Control-Allow-Origin’ => $origin]);
$response->headers->add([‘Access-Control-Allow-Methods’ => ‘GET,POST,PATCH,PUT,OPTIONS,DELETE’]);
$response->headers->add([‘Access-Control-Allow-Headers’ => ‘Origin,Content-Type,Cookie,X-CSRF-TOKEN,Accept,Authorization,X-XSRF-TOKEN,x-secret-key’]);
$response->headers->add([‘Access-Control-Allow-Credentials’ => ‘true’]);
}
return $response;
}
}
3:然后在内核文件注册该中间件为全局中间件,并提升改中间件的优先级
protected $middleware = [
// more
App\Http\Middleware\EnableCrossRequestMiddleware::class,
];
4:这样所有路由都会走该中间件了
参考链接:https://learnku.com/articles/6504/laravel-cross-domain-solution
5:
前端请求的api不存在时也会返回跨域
请求的api缺少了api/v1/的前缀