nginx + php 跨域问题,GET可以跨域成功,POST失败

https://api.a.com/api/game/ad...

OPTION 预检请求返回200

但是POST 则直接报以下错误

Access to XMLHttpRequest at 'https://api.a.com/api/tree/add/' from origin 'https://game.a.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

php设置允许跨域配置如下:

 $_header = 'X-Requested-With,X_Requested_With,sign,token,version,source,Content-Type,Content_Type,Referer,User_Agent,User-Agent,Origin';
        //如果需要设置允许所有域名发起的跨域请求,可以使用通配符 *
        header("Access-Control-Allow-Origin: *"); // 允许任意域名发起的跨域请求
        header('Access-Control-Allow-Methods:POST,GET,OPTIONS');
        //header("Access-Control-Allow-Headers:sign,token,version,source,Content-Type,Referer,User-Agent");
        header("Access-Control-Allow-Headers:$_header");
阅读 6.1k
4 个回答

跨域代码加在了哪个位置?在入口文件加一下试试

我这边用的nginx的
add_header Access-Control-Allow-Credentials true;

add_header Access-Control-Allow-Origin $http_origin always;

add_header Access-Control-Allow-Methods GET,POST,PUT,DELETE,PATCH,OPTIONS;

add_header Access-Control-Allow-Headers * always;

add_header Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept;

add_header Access-Control-Max-Age 1728000;

add_header Content-Length 0;

location / {

if ($request_method = 'OPTIONS') {

return 200;

}

}

用的什么框架?代码贴全嘛

设置路由,加一个反向代理

撰写回答
你尚未登录,登录后可以
  • 和开发者交流问题的细节
  • 关注并接收问题和回答的更新提醒
  • 参与内容的编辑和改进,让解决方法与时俱进
推荐问题