我想在laravel中允许CORS的两个域在本地和服务器上使用它,因此我不想将我的应用程序暴露给任何域。我现在该死了
selected_item我既不能评论,也不能作为数组来做
答案 0 :(得分:3)
您可以定义要允许的起源数组,然后检查传入请求中是否包含以下之一:
public function handle($request, Closure $next)
{
$allowedOrigins = ['example.com', 'example1.com', 'example2.com'];
$origin = $_SERVER['HTTP_ORIGIN'];
if (in_array($origin, $allowedOrigins)) {
return $next($request)
->header('Access-Control-Allow-Origin', $origin)
->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE')
->header('Access-Control-Allow-Headers', 'Content-Type');
}
return $next($request);
}
答案 1 :(得分:0)
您可以只检查您所在的主机,然后发送与之匹配的Access-Control-Allow-Origin。
$request->getHttpHost()将为您提供请求中使用的主机名-如果您仅需基于该主机名进行区分,我们可能会忽略其他也是来源(协议,端口)一部分的内容在这里,只需将其做成类似
public function handle($request, Closure $next)
{
$origin = $request->getHttpHost() == 'localhost' ?
'http://localhost:4200' : 'http://api.example.com';
return $next($request)
->header('Access-Control-Allow-Origin', $origin)
->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE')
->header('Access-Control-Allow-Headers', 'Content-Type');
}
当然,如果需要更多可能的来源,则可以使其更“复杂”(例如,将主机名与可能的值数组匹配,并在必要时考虑协议和端口),但是如果您只是现在需要这两个,基本上应该就可以了。
答案 2 :(得分:0)
@thefallen的答案对我有用,我也遇到了@sergey的相同问题,我这样解决了。
var beforeReduce = [{"name": "FrequentExtraItemID", "value": "12"},
{"name": "ServiceType", "value": "Testing the service type"},
{"name": "Vendor", "value": "Some vendor"},
{"name": "Cost", "value": "100"},
{"name": "Description", "value": "A description"},
{"name": "ExtraServiceID", "value": "0"},
{"name": "JobExtraID", "value": "79"}];
var beforeReduce = [{"name": "FrequentExtraItemID", "value": "12"}, {"name": "ServiceType", "value": "Testing the service type"}, {"name": "Vendor", "value": "Some vendor"}, {"name": "Cost", "value": "100"}, {"name": "Description", "value": "A description"}, {"name": "ExtraServiceID", "value": "0"}, {"name": "JobExtraID", "value": "79"}];
var afterReduce = beforeReduce.reduce(function (accumulator, currentValue, currentIndex) {
if (currentIndex === 1) {
var json = {};
json[accumulator.name] = accumulator.value;
accumulator = json; // <---
}
accumulator[currentValue.name] = currentValue.value;
return accumulator;
});
console.log(afterReduce);这样,您还可以像这样在.env文件中设置变量。
public function handle($request, Closure $next)
{
$allowedOrigins = [env('FRONTEND_ENDPOINT', 'http://localhost:8080'), env('WORDPRESS_ENDPOINT', 'http://localhost'), env('EXTRA_ENDPOINT', 'http://127.0.0.1')];
if($request->server('HTTP_ORIGIN')){
if (in_array($request->server('HTTP_ORIGIN'), $allowedOrigins)) {
return $next($request)
->header('Access-Control-Allow-Origin', $request->server('HTTP_ORIGIN'))
->header('Access-Control-Allow-Origin', '*')
->header('Access-Control-Allow-Methods', 'POST, GET, OPTIONS, PUT, DELETE')
->header('Access-Control-Allow-Headers', '*');
}
}
return $next($request);
}