我试图对我的其他php服务器进行$ http调用时遇到问题。 我正在从客户端到后端进行跨域调用。
在我的Angular应用程序中,这是$ http服务的配置方式:
.config(['$httpProvider', function($httpProvider) {
$httpProvider.interceptors.push('httpResponseInterceptor');
$httpProvider.interceptors.push('httpTimeStampMarker');
$httpProvider.defaults.useXDomain = true;
$httpProvider.defaults.headers.post['Access-Control-Allow-Origin'] = '*';
$httpProvider.defaults.headers.post['Content-Type'] = 'application/x-www-form-urlencoded';
delete $httpProvider.defaults.headers.common['Content-Type, X-Requested-With'];
}])
这是实际的$ http.post()的配置方式:
// Set the headers
var headers = {
'Access-Control-Allow-Origin': '*',
'Access-Control-Allow-Methods': 'POST, GET, OPTIONS, PUT',
'Content-Type': 'application/x-www-form-urlencoded',
'Accept': '*'
};
return $http({
method: "POST",
url: base_url,
data: $.param(args),
headers: headers
})
.success(function(data, status) {
})
.error(function(data, status) {
});
这是服务器的.htaccess:
# Cors
Header add Access-Control-Allow-Origin "*"
Header add Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Access-Control-Allow-Origin, Access-Control-Allow-Methods"
Header add Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"
预检请求很顺利:
**Request headers:**
Accept:*/*
Accept-Encoding:gzip, deflate, sdch
Accept-Language:en-US,en;q=0.8
Access-Control-Request-Headers:access-control-allow-origin, accept, access-control-allow-methods, content-type
Access-Control-Request-Method:POST
Connection:keep-alive
Host:***
Origin:***
Referer:***
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36
**Response headers**
Access-Control-Allow-Headers:Origin, X-Requested-With, Content-Type, Access-Control-Allow-Origin, Access-Control-Allow-Methods
Access-Control-Allow-Methods:PUT, GET, POST, DELETE, OPTIONS
Access-Control-Allow-Origin:*
Allow:OPTIONS,GET,HEAD,POST
Connection:Keep-Alive
Content-Length:0
Content-Type:httpd/unix-directory
Date:Fri, 26 Dec 2014 07:12:24 GMT
Keep-Alive:timeout=5, max=100
Server:Apache/2.4.9 (Unix) PHP/5.6.2
但是实际的帖子请求失败了:
XMLHttpRequest cannot load http://***/. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin '***' is therefore not allowed access. The response had HTTP status code 404.
这些是请求和响应标头:
**Request headers**
Accept:*
Accept-Encoding:gzip, deflate
Accept-Language:en-US,en;q=0.8
Access-Control-Allow-Methods:POST, GET, OPTIONS, PUT
Access-Control-Allow-Origin:*
Connection:keep-alive
Content-Length:130
Content-Type:application/x-www-form-urlencoded
Host:***
Origin:http://***
Referer:***
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/39.0.2171.95 Safari/537.36
**Response headers**
Connection:Keep-Alive
Content-Length:198
Content-Type:text/html; charset=iso-8859-1
Date:Fri, 26 Dec 2014 07:12:24 GMT
Keep-Alive:timeout=5, max=99
Server:Apache/2.4.9 (Unix) PHP/5.6.2
我显然在帖子请求的回复中遗漏了一些标题。
然而,它失败的问题确实在预检请求中有效。我已经尝试在其余服务器的index.php中添加一些头文件,但是请求没有到达那里并且更早被卡住(我猜是在加载.htaccess时)。
我在这里缺少什么?
答案 0 :(得分:8)
我的.htaccess:
# Cors
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Access-Control-Allow-Origin"
Header always set Access-Control-Allow-Methods "PUT, GET, POST, DELETE, OPTIONS"
@Alexey Rodin给出的提示几乎是正确的。而不是改变"添加"到"设置"它应设置为"始终设置"。
这site帮助了我:
关于AngularJS,我可以确认CORS无需其他设置。 因此,Angular的$ http不需要使用标题左右更改,默认设置应该与上述.htaccess条目一起使用。
答案 1 :(得分:1)