在生产服务器上使用Laravel 7时发生CORS政策错误

时间:2020-07-14 14:30:08

标签: php laravel cors

我在Laravel 7上出现错误

Access to XMLHttpRequest at 'https://developer.api.autodesk.com/modelderivative/v2/viewers/7.*/lmvworker.min.js' from origin 'https://my.site.com' has been blocked by CORS policy: The 'Access-Control-Allow-Origin' header has a value 'http://127.0.0.1:8000' that is not equal to the supplied origin.

它在localhost上正常工作,但是当我在生产服务器上运行时,会显示错误。

我不明白为什么在生产服务器上将“ Access-Control-Allow-Origin”标头设置为“ http://127.0.0.1:8000”。

这是我的 config / cors.php (我也尝试过'paths'=> ['*'])

'paths' => [],

'allowed_methods' => ['*'],

'allowed_origins' => ['*'],

'allowed_origins_patterns' => [],

'allowed_headers' => ['*'],

'exposed_headers' => false,

'max_age' => false,

'supports_credentials' => false,

Http / Kernel.php 

protected $middleware = [
    \Fruitcake\Cors\HandleCors::class,
    \App\Http\Middleware\CheckForMaintenanceMode::class,
    \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
    \App\Http\Middleware\TrimStrings::class,
    \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
    \App\Http\Middleware\TrustProxies::class,
    \App\Http\Middleware\SetLocale::class
];

config / app.php 

'providers' => [

    /*
     * Laravel Framework Service Providers...
     */
    Illuminate\Auth\AuthServiceProvider::class,
    Illuminate\Broadcasting\BroadcastServiceProvider::class,
    ...
    ...
    Fruitcake\Cors\CorsServiceProvider::class
],

1 个答案:

答案 0 :(得分:1)

注意:对于allowed_origins,在不使用通配符时必须包括方案,例如。 ['http://example.com','https://example.com']。您还必须考虑到在使用allowed_origins_patterns时会出现该方案。

参考:https://github.com/fruitcake/laravel-cors#options

相关问题
最新问题