配置全局中间件
CORS 跨域需要服务端返回的 Response Headers 中返回允许跨域的参数。如下配置公共返回:
<?php
namespace App\Http\Middleware;
use Closure;
class CrossMiddleware
{
/**
* Handle an incoming request.
* @param $request
* @param Closure $next
* @return mixed
*/
public function handle($request, Closure $next)
{
$response = $next($request);
$response->header('Access-Control-Allow-Origin', '*');
$response->header('Access-Control-Allow-Headers', 'Keep-Alive,X-Requested-With,Cache-Control,Content-Type,auth,sign,Token,Pt,Xsign,toolken,code');
$response->header('Access-Control-Allow-Methods', 'GET, POST, OPTIONS');
$response->header('Access-Control-Allow-Credentials', 'true');
$response->header('Access-Control-Max-Age', '3600');
return $response;
}
}
异常捕获
因为浏览器会发送 options 类型的请求,路由需要设置为此类型,但是接口过多设置起来十分麻烦。可以直接捕获 HttpException 的 405 异常。
public function render($request, Throwable $exception)
{
// 如果是跨域
if ($exception instanceof HttpException && $request->method() == 'OPTIONS') {
return response()->json();
}
return parent::render($request, $exception);
}