当我打电话给服务器没有头,它的工作和服务器返回json:
this.http.get(url)
var headers = new Headers({'x-id': '1'});
this.http.get(url,{'headers': headers})
浏览器返回错误:
XMLHttpRequest cannot load http://domain/api/v1/. Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access.
我也尝试添加Origin头 – 浏览器错误:拒绝设置不安全标题“Origin”
和Access-Control-Allow-Origin标题 – 没有影响
在服务器(Laravel)上我创建了中间件Cors.PHP:
<?PHP namespace App\Http\Middleware; use Closure; class Cors { public function handle($request,Closure $next) { return $next($request) ->header('Access-Control-Allow-Origin','http://localhost:3000') ->header('Access-Control-Allow-Methods','GET,POST,PUT,DELETE,OPTIONS') ->header('Access-Control-Allow-Headers','x-id'); } }
Im new to angular2和CORS请求,不知道该怎么办.
>角度:2.0.0-beta.0
> Laravel:5.0
>浏览器:Google Chrome
带有CORS的预检索请求意味着OPTIONS HTTP请求在实际之前执行.您可以从简单的请求切换到一个,因为在GET方法的情况下添加自定义头.这个链接可以帮助你了解会发生什么:
http://restlet.com/blog/2015/12/15/understanding-and-using-cors/.
在执行跨域请求时,浏览器会自动添加Origin标头.
我认为您的问题在Access-Control-Allow-Origin标头内.您必须设置进行呼叫的主机而不是服务器的地址.你应该这样做(如果你的Angular2应用程序在本地主机上运行:8080):
return $next($request)
->header('Access-Control-Allow-Origin','http://localhost:8080')
->header('Access-Control-Allow-Methods',OPTIONS')
->header('Access-Control-Allow-Headers','x-id');
希望它能帮助你,蒂埃里
