Nar*_*ela 7 php rest cors angularjs cakephp-3.0
我正在使用CakePHP 3开发REST API。我想公开启用它,因此任何人都可以调用该API。因此,我添加了此处定义的cors标头:http ://book.cakephp.org/3.0/en/controllers/request-response.html#setting-cross-origin-request-headers-cors
我已经在Dispatcher.beforeDispatch和Dispatcher.beforeDispatch上实现了EventListener,以准备cors标头。
class ApiResponseHeaders implements EventListenerInterface
{
/**
* Event bindings
*
* @return array
*/
public function implementedEvents()
{
return [
'Dispatcher.beforeDispatch' => [
'callable' => 'beforeDispatch',
'priority' => 0
],
'Dispatcher.afterDispatch' => [
'callable' => 'afterDispatch',
'priority' => 99999
]
];
}
public function beforeDispatch(Event $event)
{
$request = $event->data['request'];
if ('OPTIONS' === $request->method()) {
$event->stopPropagation();
}
}
public function afterDispatch(Event $event)
{
$request = $event->data['request'];
$response = $event->data['response'];
$response->cors($request)
->allowOrigin('*')
->allowMethods(['GET', 'POST', 'OPTIONS'])
->allowHeaders(['Content-Type, Authorization, X-Requested-With, Accept'])
->allowCredentials()
->maxAge(0)
->build();
if ('OPTIONS' === $request->method()) {
$event->stopPropagation();
}
}
}
但是问题是,当我从AngularJS向API端点发出POST请求时,首先会先调用OPTIONS方法,然后再进行POST方法。CakePHP不处理OPTIONS方法调用并返回:400错误的请求
以下是示例请求和响应头:
请求头
OPTIONS /v1/account/login HTTP/1.1
Host: api.cake.dev
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:48.0) Gecko/20100101 Firefox/48.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: http://demo.angular.dev
Connection: keep-alive
响应头
HTTP/1.1 400 Bad Request
Date: Wed, 07 Sep 2016 08:34:55 GMT
Server: Apache/2.4.17 (Win64) PHP/5.6.16
X-Powered-By: PHP/5.6.16
X-DEBUGKIT-ID: b4e5654a-cefb-43b7-bf19-4e8c7ffdb0e0
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Content-Type, Authorization, X-Requested-With, Accept
Access-Control-Allow-Credentials: true
access-control-max-age: 0
Content-Length: 147
Connection: close
Content-Type: text/html; charset=UTF-8
CakePHP 3中是否有一种方法可以处理此OPTIONS请求并返回正确的响应,以便下一个POST请求能够正常工作?
请帮忙。谢谢
使用 CakePHP 3.2+,我是这样做的:
public function beforeRender(event $event) {
$this->setCorsHeaders();
}
public function beforeFilter(event $event) {
if ($this->request->is('options')) {
$this->setCorsHeaders();
return $this->response;
}
}
private function setCorsHeaders() {
$this->response = $this->response->cors($this->request)
->allowOrigin(['*'])
->allowMethods(['*'])
->allowHeaders(['x-xsrf-token', 'Origin', 'Content-Type', 'X-Auth-Token'])
->allowCredentials(['true'])
->exposeHeaders(['Link'])
->maxAge(300)
->build();
}
这样,我什至可以处理 CakePHP 的错误页面。
根据您的情况,您可以更改allowHeaders数组上的值。
请记住,如果请求已withCredentials设置为true,您将需要指定来源。
在您的 appController 中放置以下内容:
use Cake\Event\Event; //if you dont have this allready
public function beforeFilter(event $event) { //if you dont have this beforeFilter already
if ($this->request->is('options')) {
return $this->response;
}
}
| 归档时间: |
|
| 查看次数: |
6024 次 |
| 最近记录: |