gpt4 book ai didi

javascript - CORS 在 php slim 框架中不工作

转载 作者:可可西里 更新时间:2023-11-01 00:42:22 24 4
gpt4 key购买 nike

我使用 php slim 框架创建了 rest api。这是我的代码

<?php
require 'Slim/Slim.php';
require '../lib/cors_enable.php';
require '../lib/logger.php';
require '../../db_config/config.php';
require '../lib/predis-0.8/lib/Predis/Autoloader.php';
Predis\Autoloader::register();
require '../lib/RedisMethods.php';
require '../lib/APICaller.php';
require '../lib/FosterGemOAuth.php';
require '../lib/FosterGemUser.php';
require '../lib/NewsFeed.php';
require '../lib/FosterGemBookmarks.php';
require '../lib/TopicWebsite.php';
require '../lib/FetchFullArticle.php';
require '../lib/PushNotification.php';


\Slim\Slim::registerAutoloader();
$app = new \Slim\Slim();

if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
// return only the headers and not the content
// only allow CORS if we're doing a GET - i.e. no saving for now.
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD'])) {
if($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD'] == 'GET' || $_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD'] == 'POST') {
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Headers: X-Requested-With, X-authentication,Content-Type, X-client');
}
}
exit;
}


$app->post('/messagebhej(/)(:profile_id/?)(:app_auth_token/?)', 'messagebhej');
$app->post('/login','login');


$app->run();

function messagebhej($profile_id, $app_auth_token){
$error='';
$request = file_get_contents('php://input');
try {
$request_data = json_decode($request,true);
if($app_auth_token == APP_AUTH_TOKEN){
$obj = new PushNotification();
$res = $obj->sendMessage($profile_id, $request_data);
} else {
$error='Access Denied';
}
} catch (Exception $ex) {
$error=$ex->getMessage();
log_error($error,"index.php | sendMessage function");
}
if($error) {
$return_data= '{"Status":"Failed","Message":"'.$error.'"}';
} else {
$return_data='{"Status":"Success"}';
}
echo $return_data;
}

function login() {
$error='';
$request = file_get_contents('php://input');
try {
$request_data = json_decode($request,true);
if(isset($request_data['EmailAddress']) && isset($request_data['Password'])){
if($request_data['EmailAddress']){
$obj = new FosterGemUser();
$user_data = $obj->get_user($request_data['EmailAddress'],$request_data['Password'],$request);
} else {
$error='Please enter your email address.';
}
} else {
$error='Wrong Data Format.';
}
} catch (Exception $ex) {
$error=$ex->getMessage();
log_error($error,"index.php | login function");
}
if($error) {
$return_data= '{"Status":"Error","Message":"'.$error.'"}';
} else {
$return_data=$user_data;
}
echo $return_data;
}

现在,当我使用 Rest 客户端调用它时,这两个 api 都可以正常工作。但是,当我从 javascript 调用登录 api 时,它运行良好,但 messagebhej api 给出错误

XMLHttpRequest cannot load http://api.fostergem.com/messagebhej/556714b04ec0a40d3cda0118/{app_auth_token}. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:63343' is therefore not allowed access. The response had HTTP status code 404.

我快疯了。一切都是一样的,然后是如何为一个 api 启用 cors 而不是为其他 api 启用 cors。

这是我的 cors_enable.php

<?php

// Specify domains from which requests are allowed
header('Access-Control-Allow-Origin: *');

// Specify which request methods are allowed
header('Access-Control-Allow-Methods: GET, POST, OPTIONS');

// Additional headers which may be sent along with the CORS request
// The X-Requested-With header allows jQuery requests to go through
header('Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With');

// Set the age to 1 day to improve speed/caching.
header('Access-Control-Max-Age: 86400');

?>

最佳答案

在您拥有的条件下,在您的 API 中包含启用 CORS 的 header 语句是没有意义的。

目前,仅当 REQUEST_METHOD 为 OPTIONS 且 HTTP_ACCESS_CONTROL_REQUEST_METHOD 为 GET 或 POST 时,它才会设置 header ,但您的请求不符合此要求。

所以替换

if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
// return only the headers and not the content
// only allow CORS if we're doing a GET - i.e. no saving for now.
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD'])) {
if($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD'] == 'GET' || $_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD'] == 'POST') {
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Headers: X-Requested-With, X-authentication,Content-Type, X-client');
}
}
exit;
}

来自您的代码

header('Access-Control-Allow-Origin: *');

header('Access-Control-Allow-Methods: GET, POST, OPTIONS');

header('Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With');

PS:除非您将服务器变量设置为 HTTP_ACCESS_CONTROL_REQUEST_METHOD,否则请将其更改为 REQUEST_METHOD

关于javascript - CORS 在 php slim 框架中不工作,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/31618734/

24 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com