| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354 |
- <?php
- // +----------------------------------------------------------------------
- // | LARAVEL8.0 框架 [ LARAVEL ][ RXThinkCMF ]
- // +----------------------------------------------------------------------
- // | 版权所有 2017~2021 LARAVEL研发中心
- // +----------------------------------------------------------------------
- // | 官方网站: http://www.laravel.cn
- // +----------------------------------------------------------------------
- // | Author: laravel开发员 <laravel.qq.com>
- // +----------------------------------------------------------------------
- namespace App\Http\Middleware;
- use Closure;
- use Illuminate\Http\Request;
- /**
- * 跨域解决方案
- * @author laravel开发员
- * @since 2021/1/10
- * Class EnableCrossRequestMiddleware
- * @package App\Http\Middleware
- */
- class EnableCrossRequestMiddleware
- {
- /**
- * Handle an incoming request.
- *
- * @param \Illuminate\Http\Request $request
- * @param \Closure $next
- * @return mixed
- */
- public function handle(Request $request, Closure $next)
- {
- $response = $next($request);
- $origin = $request->server('HTTP_ORIGIN') ? $request->server('HTTP_ORIGIN') : '';
- $allow_origin = [];
- if (empty($allow_origin) || in_array($origin, $allow_origin)) {
- //允许所有资源跨域
- $response->headers->set('Access-Control-Allow-Origin', $origin);
- // 允许通过的响应报头
- $response->headers->set('Access-Control-Allow-Headers', 'Origin, Content-Type, Cookie, X-CSRF-TOKEN, Accept, Authorization, X-XSRF-TOKEN');
- // 允许axios获取响应头中的Authorization
- $response->headers->set('Access-Control-Expose-Headers', 'Authorization, authenticated');
- // 允许的请求方法
- $response->headers->set('Access-Control-Allow-Methods', 'GET, POST, PATCH, PUT, OPTIONS, DELETE');
- //允许的请求方法
- $response->headers->set('Allow', 'GET, POST, PATCH, PUT, OPTIONS, delete');
- // 运行客户端携带证书式访问
- $response->headers->set('Access-Control-Allow-Credentials', 'true');
- }
- return $response;
- }
- }
|
