我刚刚在dev server上安装了一个新的wp。我正在尝试对其余的api(插件,因为它是wp v.4.6.3)进行身份验证,使用位于我的计算机/设备上的ionic / angularjs应用程序。目前正在使用JWT Authentication for WP-API插件。 这是我的标题,在HTTP Headers插件的帮助下:
content-encoding: gzip
x-powered-by: php/5.5.9-1ubuntu4.21
connection: keep-alive
content-length: 3361
keep-alive: timeout=5, max=95
access-control-allow-headers: accept, authorization, cache-control, cookie, content-type, origin
server: apache/2.4.7 (ubuntu)
x-frame-options: allow-from *
vary: accept-encoding
access-control-allow-methods: get, post, options, head, put, delete, trace, connect, patch
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: cache-control, cookie, content-type, origin
cache-control: no-cache, must-revalidate, max-age=0
无论我做什么,我都会收到一些CORS错误。最近的是:
请求标头字段不允许使用Content-Type 预检响应中的Access-Control-Allow-Headers。
JWT插件在文档中也提到了编辑.htaccess和wp-config.php,我做了。尝试了htacces编辑和/或插件的几种组合。但是弹出相同或类似的错误。
这是我的代码,基于JWT插件的文档(凭证/网址有效!):
var apiHost = 'http://dev.imok.ro/authworks/wp-json';
$http.post( apiHost + '/jwt-auth/v1/token', {
username: 'admin',
password: 'admin!@#'
})
.then( function( response ) {
console.log( 'siker', response.data )
})
.catch( function( error ) {
console.error( 'Errorrrr', error );
});
htaccess的:
#<ifModule mod_headers.c>
# Header always set Access-Control-Allow-Origin: *
## Header always set Access-Control-Allow-Methods "POST, GET, PUT, DELETE, OPTIONS"
## Header always set Access-Control-Allow-Headers "content-type"
#</ifModule>
<IfModule mod_rewrite.c>
#SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
RewriteEngine on
RewriteCond %{HTTP:Authorization} ^(.*)
RewriteRule ^(.*) - [E=HTTP_AUTHORIZATION:%1]
RewriteEngine On
RewriteBase /authworks/
RewriteRule ^index\.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /authworks/index.php [L]
</IfModule>
感谢您的帮助! MAGOR
答案 0 :(得分:2)
您可以通过编辑public / class-jwt-auth-public.php来解决此问题
public function add_cors_support()
{
$enable_cors = defined('JWT_AUTH_CORS_ENABLE') ? JWT_AUTH_CORS_ENABLE : false;
if ($enable_cors) {
remove_filter( 'rest_pre_serve_request', 'rest_send_cors_headers' );
add_filter( 'rest_pre_serve_request', function( $value ) {
header( 'Access-Control-Allow-Origin: *' );
header( 'Access-Control-Allow-Methods: GET, POST, UPDATE, DELETE' );
header( 'Access-Control-Allow-Headers: Authorization, Content-Type' );
header( 'Access-Control-Allow-Credentials: true' );
return $value;
});
// $headers = apply_filters('jwt_auth_cors_allow_headers', 'Access-Control-Allow-Headers, Content-Type, Authorization');
// header(sprintf('Access-Control-Allow-Headers: %s', $headers));
}
}
我已提交了PR