Question

在我的Symfony应用程序中，我使用的是谷歌图表。

我收到错误：

XMLHttpRequest cannot load https://www.google.com/uds/api/visualization/1.0/dca88b1ff7033fac80178eb526cb263e/ui+en.css. No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://foodmeup.dev' is therefore not allowed access.

我试图通过设置一个监听器来解决这个问题，该监听器会在响应中添加标头（请参阅此处的cors监听器：Symfony2 - how can I set custom Headers?）并且它无法正常工作，我得到了相同的错误

<?php
namespace AppBundle\EventListener;

use Symfony\Component\HttpKernel\Event\FilterResponseEvent;

class CorsListener
{
public function onKernelResponse(FilterResponseEvent $event)
{
    $response = $event->getResponse();
    $responseHeaders = $response->headers;

    $responseHeaders->set('Access-Control-Allow-Headers', 'origin, content-type, accept');
    $responseHeaders->set('Access-Control-Allow-Origin', '*');
    $responseHeaders->set('Access-Control-Allow-Methods', 'POST, GET, PUT, DELETE, PATCH, OPTIONS');

    $event->setResponse($response);
}
}

在我看来，我使用的是一个简单的谷歌图表：

<div class="piechart margin-auto" style="height: 220px;" data-completeness="{{ completeness }}"></div>

<script>var googleCharts = [];</script>
    <script type="text/javascript">

        function drawProfilePieCharts()
        {
            var completeness = $(this).data('completeness');

            var data = google.visualization.arrayToDataTable([
                ['Nom',    'Valeur'],
                ["Profil rempli à ", completeness],
                ['Manque', 100 - completeness]
            ]);

            var options = {
                backgroundColor: { fill:'transparent'},
                pieSliceBorderColor : 'transparent',
                pieHole: 0.8,
                legend: {position: 'top'},
                width: 220,
                height: 220,
                tooltip: {trigger: 'none'},
                pieStartAngle: -90,
                pieSliceTextStyle :{fontsize : 16, color: 'transparent'},
                slices: {
                    0: { color: '#09b4ff'},
                    1: { color: '#444'}
                },
                chartArea : {width: '90%', height: '90%'}
            };

            var chart = new google.visualization.PieChart(this);
            chart.draw(data, options);
        }

        googleCharts.push("$('.piechart').each(drawProfilePieCharts)");

    $(window).resize(function(){
        drawAllCharts();
    });


    google.load('visualization', '1', {packages:['corechart', 'bar', 'line']});
    var drawAllCharts = function() {
        for (var i = 0; i < googleCharts.length; i++) {
            eval(googleCharts[i]);
        }
    };

    google.setOnLoadCallback(function(){drawAllCharts()});

    </script>

Answer 1

试图在响应上设置标题，然后就可以了：

$response->headers->set('Access-Control-Allow-Origin', 'http://foodmeup.dev');

考虑到URL必须完全是预期的URL，HTTP或HTTPS，最后没有/。

可以设置多个这些标头，在我的情况下，我使用4，HTTP和HTTPS，开发和prod服务器。一切正常。

Answer 2

这里的好处是使用内核事件订阅者，例如：

class Toto implements EventSubscriberInterface
{
    public static function getSubscribedEvents()
    {
        return array(
            KernelEvents::RESPONSE => 'onKernelResponse'
        );
    }

    public function onKernelResponse(FilterResponseEvent $event)
    {
        $httpRequestOrigin = $event->getRequest()->headers->get('origin');

        $event->getResponse()->headers->set('Access-Control-Allow-Origin', $httpRequestOrigin);
        $event->getResponse()->headers->set('Access-Control-Allow-Credentials', 'true');
    }
}

Answer 3

试试这个::

use Symfony\Component\HttpFoundation\Response;

$xmlContent = 'Your XML content';

$response = new Response();

$response->setContent($xmlContent);
$response->headers->set('Content-Type', 'text/xml');
$response->headers->set('Access-Control-Allow-Origin', 'http://foodmeup.dev');

// prints the headers followed by the content
$response->send();

未经过测试

修改

您可能必须设置事件响应：

$response = $event->getResponse(); $response->headers->set('Access-Control-Allow-Headers', 'origin, content-type, accept'); ... $event->setResponse($response);

Symfony2：允许使用谷歌图表访问Control-Allow-Origin

3 个答案: