Dan*_*nny 4 javascript header cross-domain slim backbone.js
我正在使用Backbone和Slim PHP框架.我正在尝试将信息发布到我的API,但是Access-Control-Allow-Headers一直让我遇到问题......
我的控制台显示:
OPTIONS http://api.barholla.com/user/auth 405 (Method Not Allowed) zepto.min.js:2
XMLHttpRequest cannot load http://api.barholla.com/user/auth. Request header field Content-Type is not allowed by Access-Control-Allow-Headers.
我的标题是:
Request URL:http://api.barholla.com/user/auth
Request Method:OPTIONS
Status Code:405 Method Not Allowed
Request Headersview source
Accept:*/*
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Access-Control-Request-Headers:origin, content-type, accept
Access-Control-Request-Method:POST
Connection:keep-alive
Host:api.barholla.com
Origin:http://localhost
Referer:http://localhost/barholla/app/
User-Agent:Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.94 Safari/537.4
Response Headersview source
Access-Control-Allow-Origin:*
Allow:POST
Connection:close
Content-Type:application/json
Date:Thu, 08 Nov 2012 16:12:32 GMT
Server:Apache
Transfer-Encoding:chunked
X-Powered-By:Slim
X-Powered-By:PleskLin
我的slim index.php文件中的标题是:
$res = $app->response();
$res->header('Access-Control-Allow-Origin', '*');
$res->header("Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS");
要处理帖子数据:
$app->post('/user/auth', function () use ($app) {
//code here
});
在我的javascript(我正在使用骨干框架)我的代码是:
App.userAuth = new App.UserAuthModel({
username: $('#username').val(),
password: hex_md5($('#password').val())
});
App.userAuth.save({}, {
success: function(model, resp) {
console.log(resp);
},
error: function(model, response) {
console.log(response);
}
});
任何帮助都会非常感激,我已经坚持了很久!
Joe*_*Joe 17
我有一个类似的跨域POST问题(实际上除了所有标题GET).以下解决了它:
if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']) && (
$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD'] == 'POST' ||
$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD'] == 'DELETE' ||
$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD'] == 'PUT' )) {
header('Access-Control-Allow-Origin: *');
header("Access-Control-Allow-Credentials: true");
header('Access-Control-Allow-Headers: X-Requested-With');
header('Access-Control-Allow-Headers: Content-Type');
header('Access-Control-Allow-Methods: POST, GET, OPTIONS, DELETE, PUT'); // http://stackoverflow.com/a/7605119/578667
header('Access-Control-Max-Age: 86400');
}
exit;
}
在您的javascript客户端中,您正在向/ user/auth发出OPTIONS请求,但在您的PHP代码中,您只接受通过此端点的POST请求.
如果您希望API接受OPTIONS方法,您的代码中应该包含以下内容:
$app->options('/user/auth', function () use ($app) {
//code here
});
或者,如果要在同一函数中处理多个HTTP方法:
$app->map('/user/auth', function () use ($app) {
if ($app->request()->isOptions()) {
//handle options method
}
else if ($app->request()->isPost()) {
//handle post method
}
})->via('POST', 'OPTIONS');
根据W3C,请记住OPTIONS方法:
[...]表示请求获取有关Request-URI标识的请求/响应链上可用的通信选项的信息.该方法允许客户端确定与资源相关联的选项和/或要求,或服务器的能力,而不暗示资源动作或启动资源检索.
或者,只需更改客户端的代码即可发出POST请求而不是OPTIONS请求.它比通过OPTIONS方法验证用户更容易,更有意义.在zepto.js中它将是这样的:
$.post('/user/auth', { foo: 'bar' }, function(response){
console.log(response);
});
| 归档时间: |
|
| 查看次数: |
13370 次 |
| 最近记录: |