无法跨域 axios get () X-CSRF-TOKEN 不允许 Access-Control-Allow-Headers 的 preflight response?
版本号:
- Laravel Framework 5.6.22
- axios: "^0.18",
Access-Control-Allow-Headers in preflight response.
错误信息:Request header field X-CSRF-TOKEN is not allowed by Access-Control-Allow-Headers in preflight response.已经尝试过三种方法,但都没有成功
1. 在index.php的头部加入
header('Access-Control-Allow-Origin: *'); header('Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS'); header('Access-Control-Allow-Headers: Origin, Content-Type, X-Auth-Token, X-CSRF-TOKEN');
2. 在相应的vue文件中读取中加入
save () { axios.get('http://xxx.com', { headers: { 'X-Requested-With': 'XMLHttpRequest' }, responseType: 'json', withCredentials: true, } ).then((response) => { . . }
3. 使用 laravel-cors
在config/cors.php指定
'supportsCredentials' => false, 'allowedOrigins' => ['*'], 'allowedHeaders' => ['Content-Type', 'X-Requested-With'], 'allowedMethods' => ['*'], // ex: ['GET', 'POST', 'PUT', 'DELETE'] 'exposedHeaders' => [], 'maxAge' => 0,
推荐文章: