我有一个API,它在服务器上获取一些日期。
public function post_events()
{
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST');
header("Access-Control-Allow-Headers: X-Requested-With");
$city = Input::post('city','all');
$c = Model_chart::format_chart($city);
return $this->response($c);
}
它适用于通常的卷曲方法。但我试图在Angular.js上使用$http访问它,结果出现了这个错误。
XMLHttpRequest无法加载http://event.deremoe.com/vendor/events.json.不请求的上存在"Access Control Allow Origin"标头资源原点'http://app.event.chart因此不允许通道
正如您所看到的,我已经在函数中添加了头。我还检查了curl,当我调用api时,会附加标题Access Control Allow Origin。
我这里缺了什么吗?
更多信息:这是通过正常卷曲返回给我的头信息。
Remote Address:104.28.19.112:80
Request URL:http://event.deremoe.com/vendor/events.json
Request Method:OPTIONS
Status Code:404 Not Found
Request Headersview source
Accept:*/*
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Access-Control-Request-Headers:accept, content-type
Access-Control-Request-Method:POST
Connection:keep-alive
Host:event.deremoe.com
Origin:http://app.event.chart
Referer:http://app.event.chart/
User-Agent:Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.120 Safari/537.36
Response Headersview source
CF-RAY:16f687416fe30c35-SEA
Connection:keep-alive
Content-Encoding:gzip
Content-Type:text/html; charset=UTF-8
Date:Thu, 25 Sep 2014 10:27:17 GMT
Server:cloudflare-nginx
Set-Cookie:__cfduid=d1a9e4283faacc0a2b029efef586b6b931411640837342; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.deremoe.com; HttpOnly
Transfer-Encoding:chunked
X-Powered-By:PHP/5.4.30
浏览器首先对您的api进行飞行前选项调用,这就是它触发错误的原因:Access-Control-Allow-Origin。你可以在你的api上创建一个接受所有OPTIONS请求的端点,你还必须像在postevents:上一样设置那里的头
header('Access-Control-Allow-Origin: *');
您还收到的状态代码是404 Not Found。这意味着无法找到OPTIONS端点。