报错信息如下:
Access to XMLHttpRequest at 'https://1.one.cn/checkout/cart/add' from origin 'http://localhost:8080' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
设置:'appserver_cors' => [
'Origin' => ['https://1.one.cn','http://localhost:8080'],
访问fecshop\app\appserver\modules\AppserverController 扩展类没问题
public function behaviors()
{
$behaviors = parent::behaviors();
$behaviors['contentNegotiator']['formats']['text/html'] = Response::FORMAT_JSON;
$behaviors["corsFilter"] = [
'class' => \yii\filters\Cors::className(),
'cors' => Yii::$service->helper->appserver->getCors(),
];
return $behaviors;
}
访问fecshop\app\appserver\modules\AppserverTokenController 扩展类存在上述问题
public function behaviors()
{
$behaviors = parent::behaviors();
$behaviors['contentNegotiator']['formats']['text/html'] = Response::FORMAT_JSON;
$behaviors["corsFilter"] = [
'class' => \yii\filters\Cors::className(),
'cors' => Yii::$service->helper->appserver->getCors(),
];
$behaviors['authenticator'] = [
'class' => CompositeAuth::className(),
'authMethods' => [
QueryParamAuth::className(),
],
];
$rateLimit = Yii::$app->params['rateLimit'];
if(isset($rateLimit['enable']) && $rateLimit['enable']){
$behaviors['rateLimiter'] = [
'class' => RateLimiter::className(),
'enableRateLimitHeaders' => true,
];
}
return $behaviors;
}
备注:
如果将'Origin' => ['https://1.one.cn','http://localhost:8080'], 改为'Origin' => ['https://1.one.cn'],就是一个域名,可以正常访问。
在AppserverController扩展类下 Yii::$service->helper->appserver->getCors(),可以获得数组Origin: ["https://1.one.cn",“http://localhost:8080“]
在AppserverTokenController扩展类下 设置双域名,报错,设置单域名访问正常,原因要怎样查找。单域名下Yii::$service->helper->appserver->getCors(),可以获得数组Origin: ["https://1.one.cn"]