EnableCrossRequestMiddleware.php
1.6 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
<?php
namespace App\Http\Middleware\Bside;
use Closure;
class EnableCrossRequestMiddleware
{
/**
* Handle an incoming request.
*
* @param \Illuminate\Http\Request $request
* @param \Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$response = $next($request);
$http_origin = "*";
if(isset($_SERVER['HTTP_ORIGIN'])){
$http_origin = $_SERVER['HTTP_ORIGIN'];
}
$response->header('Access-Control-Allow-Origin', $http_origin);
$response->header('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');
$response->header('Access-Control-Allow-Headers', 'Origin, Content-Type, Authorization');
if (strtolower($_SERVER['REQUEST_METHOD']) == 'options') {
exit;
}
return $response;
// 指定允许其他域名访问
// $http_origin = "*";
// if(isset($_SERVER['HTTP_ORIGIN'])){
// $http_origin = $_SERVER['HTTP_ORIGIN'];
// }
// header("Access-Control-Allow-Origin:".$http_origin);
// header('Access-Control-Allow-Methods:POST,GET'); //支持的http 动作
// header('Access-Control-Allow-Credentials: true');
// header('Access-Control-Max-Age: 1000');
// header('Access-Control-Allow-Headers:Origin, X-Requested-With, Content-Type, Accept, Authorization, token'); //响应头 请按照自己需求添加。
// if (strtolower($_SERVER['REQUEST_METHOD']) == 'options') {
// exit;
// }
// return $next($request);
}
}