Why does the status code 302 come with an OPTIONS request?

S

serking772019-12-18 15:49:26

Yii

serking77, 2019-12-18 15:49:26

I am developing a site on YII2, from the frontend I am making a CORS OPTIONS request to an action email. I get 302 in response.

public function behaviors()
    {
        return [
            'access' => [
                'class' => AccessControl::className(),
                'only' => ['login', 'remind', 'logout', 'phone-confirmation', 'registration', 'password', 'phone', 'email', 'payments', 'templates', 'template', 'email-confirmation', 'feed', 'get-points', 'get-count-payment'],
                'rules' => [
                    [
                        'actions' => ['phone-confirmation', 'email-confirmation', 'get-points', 'feed', 'login', 'get-count-payment'],
                        'allow' => true,
                        'roles' => ['?', '@'],//all users
                    ],
                    [
                        'actions' => ['remind', 'registration'],
                        'allow' => true,
                        'roles' => ['?'],//only guests
                    ],
                    [
                        'actions' => ['password', 'phone', 'email', 'payments', 'templates', 'template', 'logout'],
                        'allow' => true,
                        'roles' => ['@'],//only logged users
                    ]
                ],
            ],
            'verbs' => [
                'class' => VerbFilter::className(),
                'actions' => [
                    'login' => ['post', 'options'],
                    'remind' => ['post', 'options'],
                    'logout' => ['get'],
                    'phone-confirmation' => ['post', 'options'],
                    'registration' => ['post', 'options'],
                    'password' => ['post', 'options'],
                    'phone' => ['post', 'options'],
                    'email' => ['post', 'options'],
                    'email-confirmation' => ['get'],
                    'payments' => ['get'],
                    'templates' => ['get'],
                    'template' => ['post', 'put', 'delete', 'get', 'options'],
                    'get-points' => ['get'],
                    'get-count-payment' => ['get'],
                    'feed' => ['post', 'options'],
                ],
            ],
            'corsFilter' => [
                'class' => Cors::className(),
                'cors' => [
                    'Origin' => ['*'],
                    'Access-Control-Request-Method' => ['GET', 'POST', 'PUT', 'OPTIONS'],
                    'Access-Control-Request-Headers' => ['*'],
                    'Access-Control-Allow-Credentials' => true,
                ]
            ],
        ];
    }

How to setup proper request handling with OPTIONS method in YII2?
Are CORS requests allowed by the OPTIONS method for authorized users

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

L

LaXiTy, 2019-12-19
@serking77

And in urlManager->rules there is a rule for handling options requests?
something like

'OPTIONS <object:[\w\d\-/@\.]+>'  => 'site/site/options'