测试分支-部署-优化跨域报错
This commit is contained in:
@@ -3,12 +3,12 @@
|
|||||||
namespace app\process;
|
namespace app\process;
|
||||||
|
|
||||||
use Webman\App;
|
use Webman\App;
|
||||||
|
use Webman\Http\Response;
|
||||||
|
|
||||||
class Http extends App
|
class Http extends App
|
||||||
{
|
{
|
||||||
/**
|
/**
|
||||||
* 在父类处理前拦截 OPTIONS 预检,直接返回 CORS 头(避免预检未命中路由时无 CORS)
|
* 在父类处理前拦截 OPTIONS 预检,直接返回 CORS 头(避免预检未命中路由时无 CORS)
|
||||||
* 与 AllowCrossDomain::optionsResponse 一致,避免 * + Allow-Credentials 组合被浏览器拒绝
|
|
||||||
*/
|
*/
|
||||||
public function onMessage($connection, $request): void
|
public function onMessage($connection, $request): void
|
||||||
{
|
{
|
||||||
@@ -18,8 +18,19 @@ class Http extends App
|
|||||||
$path = is_string($path) ? trim($path, '/') : '';
|
$path = is_string($path) ? trim($path, '/') : '';
|
||||||
$isApiOrAdmin = $path !== '' && (str_starts_with($path, 'api') || str_starts_with($path, 'admin'));
|
$isApiOrAdmin = $path !== '' && (str_starts_with($path, 'api') || str_starts_with($path, 'admin'));
|
||||||
if ($isApiOrAdmin) {
|
if ($isApiOrAdmin) {
|
||||||
$response = \app\common\middleware\AllowCrossDomain::optionsResponse($request);
|
$origin = $request->header('origin');
|
||||||
$connection->send($response);
|
$origin = is_array($origin) ? ($origin[0] ?? '') : (is_string($origin) ? trim($origin) : '');
|
||||||
|
if ($origin === '') {
|
||||||
|
$origin = '*';
|
||||||
|
}
|
||||||
|
$headers = [
|
||||||
|
'Access-Control-Allow-Origin' => $origin,
|
||||||
|
'Access-Control-Allow-Credentials' => 'true',
|
||||||
|
'Access-Control-Max-Age' => '1800',
|
||||||
|
'Access-Control-Allow-Methods' => 'GET, POST, PUT, DELETE, PATCH, OPTIONS',
|
||||||
|
'Access-Control-Allow-Headers' => 'Content-Type, Authorization, batoken, ba-user-token, think-lang',
|
||||||
|
];
|
||||||
|
$connection->send(new Response(204, $headers, ''));
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user