Detailed explanation of cross-domain solutions in laravel development-PHP Tutorial-php.cn

Home

Backend Development

PHP Tutorial

Detailed explanation of cross-domain solutions in laravel development

黄舟

Nov 01, 2017 am 09:19 AM

laravelmethodsolve

Preface

As we all know, when we use laravel for development, especially when the front-end and back-end are completely separated, since the front-end project runs on the designated port of our own machine ( It may also be someone else's machine), such as localhost:8000, and the laravel program runs on another port, so it is cross-domain. However, due to the browser's same-origin policy, cross-domain requests are illegal. In fact, this problem is easy to solve, just add a middleware. Not much to say below, let’s follow the editor to see the detailed solutions.

Solution:

1. Create a new middleware

php artisan make:middleware EnableCrossRequestMiddleware

2. Write the middleware content

<?php
namespace App\Http\Middleware;
use Closure;
class EnableCrossRequestMiddleware
{
 /**
 * Handle an incoming request.
 *
 * @param \Illuminate\Http\Request $request
 * @param \Closure $next
 * @return mixed
 */
 public function handle($request, Closure $next)
 {
 $response = $next($request);
 $origin = $request->server(&#39;HTTP_ORIGIN&#39;) ? $request->server(&#39;HTTP_ORIGIN&#39;) : &#39;&#39;;
 $allow_origin = [
  &#39;http://localhost:8000&#39;,
 ];
 if (in_array($origin, $allow_origin)) {
  $response->header(&#39;Access-Control-Allow-Origin&#39;, $origin);
  $response->header(&#39;Access-Control-Allow-Headers&#39;, &#39;Origin, Content-Type, Cookie, X-CSRF-TOKEN, Accept, Authorization, X-XSRF-TOKEN&#39;);
  $response->header(&#39;Access-Control-Expose-Headers&#39;, &#39;Authorization, authenticated&#39;);
  $response->header(&#39;Access-Control-Allow-Methods&#39;, &#39;GET, POST, PATCH, PUT, OPTIONS&#39;);
  $response->header(&#39;Access-Control-Allow-Credentials&#39;, &#39;true&#39;);
 }
 return $response;
 }
}

$allow_origin ArrayThe variable is your allowed cross-domain list and can be modified by yourself.

3. Then register the middleware in the kernel file

 protected $middleware = [
 // more
 App\Http\Middleware\EnableCrossRequestMiddleware::class,
 ];

Add it to the $middleware attribute of the App\Http\Kernel class. The middleware registered here belongs to the global middleware.
Then you will find that the front-end page can already send cross-domain requests.

It is normal that there will be one more request with method set to options, because the browser must first determine whether the server allows the cross-domain request.

Summarize

The above is the detailed content of Detailed explanation of cross-domain solutions in laravel development. For more information, please follow other related articles on the PHP Chinese website!

Statement

The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn