yii2 RESTFUL API浏览器被CORS策略阻止

时间:2020-10-03 09:45:01

标签: react-native api yii2 request cors

使用时出现问题: https://github.com/sirinibin/Yii2-RESTful-API-with-OAuth2?fbclid=IwAR1i5XhcRIov2iT9HPJErVd_FjnYfVoYL5AREOid8QmdDOjmI7K1d-GKMIk

,它工作正常,但是从浏览器(从reactNative获取)中,我有错误: enter image description here

enter image description here

如何为所有请求添加选项?

谢谢

2 个答案:

答案 0 :(得分:0)

解决: https://github.com/yiisoft/yii2/blob/master/framework/filters/Cors.php#L111

在Cors.php中的Action之前添加:

    if ($this->request->isOptions && $this->request->headers->has('Access-Control-Request-Method')) {
        // it is CORS preflight request, respond with 200 OK without further processing
        $this->response->setStatusCode(200);
        return false;
    }

感谢Leandro Gehlen

答案 1 :(得分:-1)

您可以尝试在RestController.php

的CORS过滤器配置中添加以下几行 
'Access-Control-Allow-Methods' => ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS'],
'Allow' => ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS'],

最后,它应该类似于:

public function behaviors()
    {
        $behaviors = parent::behaviors();

        $behaviors['corsFilter'] = [
            'class' => \yii\filters\Cors::className(),
            'cors' => [
                'Origin' => ['*'],
                'Access-Control-Request-Method' => ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS'],
                'Access-Control-Request-Headers' => ['*'],
                'Access-Control-Allow-Methods' => ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS'],
                'Allow' => ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS'],
                'Access-Control-Allow-Credentials' => null,
                'Access-Control-Max-Age' => 86400,
                'Access-Control-Expose-Headers' => []
            ]

        ];
        return $behaviors;
    }
相关问题
最新问题