nginx + php 跨域问题,GET可以跨域成功,POST失败

OPTION 预检请求返回200

但是POST 则直接报以下错误

Access to XMLHttpRequest at 'https://api.a.com/api/tree/add/' from origin 'https://game.a.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.

php设置允许跨域配置如下：

 $_header = 'X-Requested-With,X_Requested_With,sign,token,version,source,Content-Type,Content_Type,Referer,User_Agent,User-Agent,Origin';
        //如果需要设置允许所有域名发起的跨域请求，可以使用通配符 *
        header("Access-Control-Allow-Origin: *"); // 允许任意域名发起的跨域请求
        header('Access-Control-Allow-Methods:POST,GET,OPTIONS');
        //header("Access-Control-Allow-Headers:sign,token,version,source,Content-Type,Referer,User-Agent");
        header("Access-Control-Allow-Headers:$_header");

php nginx 跨域

阅读 6.1k

4 个回答

得票最新

Mr_houzi

96453547

发布于
2020-06-01

✓ 已被采纳

跨域代码加在了哪个位置？在入口文件加一下试试

司令

584

发布于
2020-05-29

我这边用的nginx的
add_header Access-Control-Allow-Credentials true;

add_header Access-Control-Allow-Origin $http_origin always;

add_header Access-Control-Allow-Methods GET,POST,PUT,DELETE,PATCH,OPTIONS;

add_header Access-Control-Allow-Headers * always;

add_header Access-Control-Allow-Headers DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization,Accept;

add_header Access-Control-Max-Age 1728000;