【发布时间】:2017-05-28 17:49:49
【问题描述】:
这是来自浏览器控制台的错误日志 XMLHttpRequest 无法加载 http://domain.com/xx/xxxxxxxx。预检响应包含无效的 HTTP 状态代码 404
这是 Postman 中收到的预期响应
{
"status": "success",
"code": "E012",
"message": "Contact sent"
}
这是来自 Angular 2 的请求
makeRequest(name, recipient) {
let body = JSON.stringify({
"name": name,
"recipient": recipient
});
let authToken = localStorage.getItem('token');
console.log(authToken);
let headers = new Headers({'Authorization': authToken , 'Content-Type': 'application/json'});
let options = new RequestOptions({headers: headers});
return this.http.post(url, body, options )
.map(res => res.json());
}
这里是 Yii2 中的行为函数
public function behaviors()
{
$behaviors = parent::behaviors();
// remove authentication filter
$auth = $behaviors['authenticator'];
unset($behaviors['authenticator']);
// add CORS filter
$behaviors['corsFilter'] = [
'class' => Cors::className(),
'cors' => [
// restrict access to
'Origin' => ['*'],
'Access-Control-Request-Method' => ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS'],
// Allow only POST and PUT methods
'Access-Control-Request-Headers' => ['*'],
// Allow only headers 'X-Wsse'
'Access-Control-Allow-Credentials' => true,
// Allow OPTIONS caching
'Access-Control-Max-Age' => 86400,
// Allow the X-Pagination-Current-Page header to be exposed to the browser.
'Access-Control-Expose-Headers' => [],
],
];
// re-add authentication filter
$behaviors['authenticator'] = $auth;
// avoid authentication on CORS-pre-flight requests (HTTP OPTIONS method)
$behaviors['authenticator']['except'] = ['options'];
return $behaviors;
}
这是我的 UrlManager
'urlManager' => [
'enablePrettyUrl' => true,
'enableStrictParsing' => true,
'showScriptName' => false,
'rules' => [
'POST <version:[\w-]+>/sms' => '<version>/sms/send',
'POST <version:[\w-]+>/users/verify' => '<version>/user/verify',
'POST <version:[\w-]+>/bulk' => '<version>/routine/index',
'POST <version:[\w-]+>/contact' => '<version>/contact/index'],
【问题讨论】:
-
从正文中移除 JSON.stringify
-
@Akanksha 谢谢,但这并不能解决我遇到的预检错误
-
在 Postman 中,您选择发送 POST 请求。真正的浏览器不能那样工作。应首先发送 OPTIONS 请求以检查是否允许 POST。我想那是失败的那个。你能显示你的 php 控制器的
behaviors()函数的内容吗?您要扩展哪个父控制器?是 ActiveController 吗? -
您的服务需要支持选项请求。您可以谷歌如何为您用于后端的语言和框架解析
CORS。 -
@SalemOuerdani 我已经编辑了我的问题以显示行为功能。我还在基础控制器中扩展了控制器类