laravel 5.1 restFull api的访问控制源

问题描述：

我正在使用Laravel 5.1开发RESTful API。我的终端在邮差上正常工作。但是当我将它与前端集成时，它正在跟踪错误。laravel 5.1 restFull api的访问控制源

XMLHttpRequest无法加载 http://ideahubapi.dev/api/v1/users/register。
请求的资源上不存在“Access-Control-Allow-Origin”标头。
原因'http://ideahubfront.dev'因此不允许访问。
响应的HTTP状态码为500.

我试过下面的方法。（1）创建核心中间件。

<?php 

namespace App\Http\Middleware; 

use Closure; 

class Cors 
{ 
    public function handle($request, Closure $next) 
    { 
     return $next($request) 
      ->header('Access-Control-Allow-Origin', '*') 
      ->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS') 
      ->header('Access-Control-Allow-Headers', 'Content-Type, Accept, Authorization, X-Requested-With'); 
    } 
}

把它添加到kernal.php

<?php 

namespace App\Http; 

use Illuminate\Foundation\Http\Kernel as HttpKernel; 

class Kernel extends HttpKernel 
{ 
    /** 
    * The application's global HTTP middleware stack. 
    * 
    * @var array 
    */ 
    protected $middleware = [ 
     \Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class, 
     \App\Http\Middleware\EncryptCookies::class, 
     \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class, 
     \Illuminate\Session\Middleware\StartSession::class, 
     \Illuminate\View\Middleware\ShareErrorsFromSession::class, 
     \App\Http\Middleware\VerifyCsrfToken::class, 
     \App\Http\Middleware\Cors::class, 
    ]; 

    /** 
    * The application's route middleware. 
    * 
    * @var array 
    */ 
    protected $routeMiddleware = [ 
     'web' => \App\Http\Middleware\VerifyCsrfToken::class, 
     'cors' => \App\Http\Middleware\Cors::class, 
     'auth' => \App\Http\Middleware\Authenticate::class, 
     'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, 
     'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, 
    ]; 
}

，并routes.php文件

Route::group(['middleware' => ['web', 'core'], 'prefix' => 'api/v1'], function(){ 

    // get single user by user id 
    Route::get('getuserbyid/{user_id}', '[email protected]'); 

    Route::post('users/register', '[email protected]'); 

});

之后选择请求工作。但发布请求仍然相同。

（2）为控制器手动添加标题。喜欢这个。

return response()->json([$user, $merchant], 200) 
       ->header('Access-Control-Allow-Origin', '*') 
       ->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS') 
       ->header('Access-Control-Allow-Headers', 'Cache-Control, Connection, Date, Server, Content-Type, User-Agent, Accept, Referer, Authorization,Origin, Accept-Encoding, Content-Length, Host, Connection, X-Requested-With');

没有运气。伙计们，请帮助我。我为此渴望死亡。我的客户希望看到注册。我坚持这一点。

中间件在'routes.php'指定应该是相同的内核。改变这个'['middleware'=> ['web'，'cors']' – xmhafiz

非常感谢。之前我没有注意到。 –

答

变化

Route::group(['middleware' => ['web', 'core']

到

Route::group(['middleware' => ['web', 'cors']

它不起作用，因为它不与一个在内核相匹配。

是的。我改变了它。但没有运气 –

谢谢你给我看我的错误。这是一个问题。主要问题在前端。这很有帮助。谢谢。 –

答

CORS是你诅咒的名字，这里有一个解决方案：https://github.com/barryvdh/laravel-cors

感谢您的回答。 –

laravel 5.1 restFull api的访问控制源

相关推荐