| 12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455 |
- <?php
- // +----------------------------------------------------------------------
- // | Laravel框架 [ Laravel ]
- // +----------------------------------------------------------------------
- // | 版权所有 2017~2021 Laravel研发中心
- // +----------------------------------------------------------------------
- // | 官方网站: http://www.laravel.cn
- // +----------------------------------------------------------------------
- // | Author: wesmiler <12345678@qq.com>
- // +----------------------------------------------------------------------
- namespace App\Http\Middleware;
- use Closure;
- use Illuminate\Http\Request;
- /**
- * 跨域解决方案
- * @author wesmiler
- * @since 2021/1/10
- * Class EnableCrossRequestMiddleware
- * @package App\Http\Middleware
- */
- class EnableCrossRequestMiddleware
- {
- /**
- * Handle an incoming request.
- *
- * @param \Illuminate\Http\Request $request
- * @param \Closure $next
- * @return mixed
- */
- public function handle(Request $request, Closure $next)
- {
- $response = $next($request);
- $origin = $request->server('HTTP_ORIGIN') ? $request->server('HTTP_ORIGIN') : '';
- $allow_origin = [
- ];
- if (empty($allow_origin) || in_array($origin, $allow_origin)) {
- //允许所有资源跨域
- $response->header('Access-Control-Allow-Origin', '*');
- // 允许通过的响应报头
- $response->header('Access-Control-Allow-Headers', 'Origin, Content-Type, Cookie, X-CSRF-TOKEN, Accept, Authorization, X-XSRF-TOKEN');
- // 允许axios获取响应头中的Authorization
- $response->header('Access-Control-Expose-Headers', 'Authorization, authenticated');
- // 允许的请求方法
- $response->header('Access-Control-Allow-Methods', 'GET, POST, PATCH, PUT, OPTIONS, DELETE');
- //允许的请求方法
- $response->header('Allow', 'GET, POST, PATCH, PUT, OPTIONS, delete');
- // 运行客户端携带证书式访问
- $response->header('Access-Control-Allow-Credentials', 'true');
- }
- return $response;
- }
- }
|
