nginx + php 跨域问题,GET可以跨域成功,POST失败
https://api.a.com/api/game/ad...
OPTION 预检请求返回200
但是POST 则直接报以下错误
Access to XMLHttpRequest at 'https://api.a.com/api/tree/add/' from origin 'https://game.a.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
php设置允许跨域配置如下:
$_header = 'X-Requested-With,X_Requested_With,sign,token,version,source,Content-Type,Content_Type,Referer,User_Agent,User-Agent,Origin';
//如果需要设置允许所有域名发起的跨域请求,可以使用通配符 *
header("Access-Control-Allow-Origin: *"); // 允许任意域名发起的跨域请求
header('Access-Control-Allow-Methods:POST,GET,OPTIONS');
//header("Access-Control-Allow-Headers:sign,token,version,source,Content-Type,Referer,User-Agent");
header("Access-Control-Allow-Headers:$_header");如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
跨域代码加在了哪个位置?在入口文件加一下试试
我这边用的nginx的
add_header Access-Control-Allow-Credentials true;
add_header Access-Control-Allow-Origin $http_origin always;
add_header Access-Control-Allow-Methods GET,POST,PUT,DELETE,PATCH,OPTIONS;
add_header Access-Control-Allow-Headers * always;
add_header Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept;
add_header Access-Control-Max-Age 1728000;
add_header Content-Length 0;
location / {
if ($request_method = 'OPTIONS') {
return 200;
}
}
用的什么框架?代码贴全嘛
设置路由,加一个反向代理