这个案例很容易理解,我已经粘贴了足够的关于这个问题的信息。感谢您的耐心等待。 :)
有一种情况我使用JQuery File Upload (UI)直接从客户端浏览器将图像上传到AWS S3,这里是帖子数据:
AWSAccessKeyId:xxxxxx,
key:filename.jpg,
政策:xxxxxx,
签名:xxxxx,
acl:'私人',
success_action_redirect: 'http://example.org/test',
'Content-Type':x.type
政策和签名完全没问题,图片也已上传。
但重定向到预定义的网址http://example.org/test时出现问题:
XMLHttpRequest cannot load https://s3-eu-west-1.amazonaws.com/mybucket/.
The request was redirected to 'http://localhost:8000/test?bucket=mybucket&key=filename.jpg&etag=xxxxxxxx',
which is disallowed for cross-origin requests that require preflight.
我粘贴了https://s3-eu-west-1.amazonaws.com/mybucket/
请求:
POST /mybucket/ HTTP/1.1
Host: s3-eu-west-1.amazonaws.com
Connection: keep-alive
Content-Length: 298856
Origin: http://localhost:8000
X-CSRF-TOKEN: H5HRwmtwCVAxIgmAvM8YL5bgayuDyyQV2UKUqnhT
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.80 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryhI9Z5605GrykYXvT
Accept: application/json, text/javascript, */*; q=0.01
Content-Disposition: attachment; filename="xxxxxxx"
Referer: http://localhost:8000/xxxxxxxx
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.8
响应:
HTTP/1.1 303 See Other
x-amz-id-2: g1VdA6dwEHl+y/C8nSTD7qzxL7gX9o3c0JV7Cj7cKYDeUPNvlrkRzaJEz4PtNFCPZhOAhA8pqzw=
x-amz-request-id: 48C7F5DB54CCEF65
Date: Thu, 29 Oct 2015 02:35:31 GMT
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT
Vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method
ETag: "772d776abbc1bb619d208c92d4b986c9"
Location: http://localhost:8000/test?bucket=mybucket&key=filename.jpg&etag=xxxxxxxx
Content-Length: 0
Server: AmazonS3
对于在Laravel 5.1中实现的重定向端点http://example.org/test。以下是相关路线:
Route::group(['prefix' => 'test'], function () {
Route::options('/', function(){
return response(null, 204)
->header('Access-Control-Allow-Origin' , '*')
->header('Access-Control-Allow-Credentials', 'true')
->header('Access-Control-Allow-Methods', 'POST, GET, OPTIONS')
->header('Access-Control-Allow-Headers', 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type')
->header('Access-Control-Max-Age', '1728000')
->header('Content-Type', 'text/plain charset=UTF-8')
->header('Content-Length', '0');
});
Route::get('/', function () {
return response('test', 200)
->header('Access-Control-Allow-Origin' , '*')
->header('Access-Control-Allow-Credentials', 'true')
->header('Access-Control-Allow-Methods', 'POST, GET, OPTIONS')
->header('Access-Control-Allow-Headers', 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type');
});
});
直接GET http://example.org/test时,这里是HTTP响应标头:
Access-Control-Allow-Credentials:true
Access-Control-Allow-Headers:DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Access-Control-Allow-Methods:POST, GET, OPTIONS
Access-Control-Allow-Origin:*
Cache-Control:no-cache
Connection:close
Content-Type:text/html; charset=UTF-8
Date:Thu, 29 Oct 2015 02:47:51 GMT
Host:localhost:8000
任何人都可以帮我弄清问题在哪里?谢谢!