为什么我收到 XMLHttpRequest cannot load - Preflight response is not successful Error only with Delete method?
Why I am getting XMLHttpRequest cannot load - Preflight response is not successful Error with Delete method only?
PHP资源文件:
<?php
header("Access-Control-Allow-Origin: *");
header("Content-Type: application/json; charset=UTF-8");
header("Access-Control-Allow-Methods: POST, DELETE, OPTIONS, GET, PUT");
header("Access-Control-Max-Age: 3600");
header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");
require_once ("center_service.php");
$data = json_decode(file_get_contents("php://input"));
$method = $_SERVER['REQUEST_METHOD'];
if (!isset($routes[2])) {
$sql = "SELECT * FROM centers;";
Center::readCenter($sql);
} else if (isset($routes[2]) && is_numeric($routes[2]) && $method === "GET") {
$sql = "SELECT * FROM centers WHERE id='$routes[2]';";
Center::readCenter($sql);
} else if (isset($routes[2]) && is_numeric($routes[2]) && $method === "DELETE") {
Center::deleteCenter($routes[2]);
}
else {
header('HTTP/1.0 404 Not Found');
require '404.php';
}
Angular服务文件:
readonly ROOT_URL = 'http://localhost/ecdweb/api/index.php';
getCenters(): Observable<Center[]> {
return this.http.get<Center[]>(this.ROOT_URL + '/centers');
}
deleteCenter(id: number): Observable<{}> {
return this.http.delete(this.ROOT_URL + '/centers/' + id);
}
get 方法有效,return 结果,但不适用于 delete 方法。如果是因为 CORS,那么为什么 get 方法有效?
控制台日志:
网络:
相关问题:
好的,我认为这是因为如果方法不同于 GET 或 DELETE 你 return 一个 404。所以当预检请求被处理时(动词 OPTIONS)你 return 一个 404。
这是 PHP (here)
中的 CORS 示例
主题是:
The important point here is that the API script needs to recognise when an initial OPTIONS request has been received, and to return the appropriate access control headers in that case (and nothing more). Following this, the browser then initiates a second request in which the real work is done.
在你的具体情况下,我认为代码应该是:
if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Headers: X-Requested-With, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers');
exit;
}
如果你想更全面地启用cors,你可以添加
header('Access-Control-Allow-Origin: *');
在您的 php 脚本中 (see here)
PHP资源文件:
<?php
header("Access-Control-Allow-Origin: *");
header("Content-Type: application/json; charset=UTF-8");
header("Access-Control-Allow-Methods: POST, DELETE, OPTIONS, GET, PUT");
header("Access-Control-Max-Age: 3600");
header("Access-Control-Allow-Headers: Content-Type, Access-Control-Allow-Headers, Authorization, X-Requested-With");
require_once ("center_service.php");
$data = json_decode(file_get_contents("php://input"));
$method = $_SERVER['REQUEST_METHOD'];
if (!isset($routes[2])) {
$sql = "SELECT * FROM centers;";
Center::readCenter($sql);
} else if (isset($routes[2]) && is_numeric($routes[2]) && $method === "GET") {
$sql = "SELECT * FROM centers WHERE id='$routes[2]';";
Center::readCenter($sql);
} else if (isset($routes[2]) && is_numeric($routes[2]) && $method === "DELETE") {
Center::deleteCenter($routes[2]);
}
else {
header('HTTP/1.0 404 Not Found');
require '404.php';
}
Angular服务文件:
readonly ROOT_URL = 'http://localhost/ecdweb/api/index.php';
getCenters(): Observable<Center[]> {
return this.http.get<Center[]>(this.ROOT_URL + '/centers');
}
deleteCenter(id: number): Observable<{}> {
return this.http.delete(this.ROOT_URL + '/centers/' + id);
}
get 方法有效,return 结果,但不适用于 delete 方法。如果是因为 CORS,那么为什么 get 方法有效?
控制台日志:
网络:
相关问题:
好的,我认为这是因为如果方法不同于 GET 或 DELETE 你 return 一个 404。所以当预检请求被处理时(动词 OPTIONS)你 return 一个 404。
这是 PHP (here)
中的 CORS 示例主题是:
The important point here is that the API script needs to recognise when an initial OPTIONS request has been received, and to return the appropriate access control headers in that case (and nothing more). Following this, the browser then initiates a second request in which the real work is done.
在你的具体情况下,我认为代码应该是:
if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Headers: X-Requested-With, content-type, access-control-allow-origin, access-control-allow-methods, access-control-allow-headers');
exit;
}
如果你想更全面地启用cors,你可以添加
header('Access-Control-Allow-Origin: *');
在您的 php 脚本中 (see here)