Yii
v_i_kaisarov, 2020-08-20 16:34:04

Yii2 CORS policy: Response to preflight request doesn't pass access control check. Why so?

I'm trying to upload an image to the server, but it gives errors:

error

Access to fetch at 'test/api/photo' from origin 'localhost:8080' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. If an opaque response serves your needs, set the request's mode to 'no-cors' to fetch the resource with CORS disabled.
POST test/api/photo net::ERR_FAILED
Uncaught (in promise) TypeError: Failed to fetch


I don't understand how to turn it off.
Here are my behaviors:
public function behaviors()
    {
        $behaviors = parent::behaviors();
        
        $auth = $behaviors['authenticator'];
        unset($behaviors['authenticator']);
    
        $behaviors['corsFilter'] = [
            'class' => \yii\filters\Cors::className(),
            'cors' => [
                'Access-Control-Allow-Origin' => ['*'],
                'Access-Control-Request-Method' => ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'HEAD', 'OPTIONS'],
                'Access-Control-Request-Headers' => ['*'],
                'Access-Control-Allow-Credentials' => true,
                'Access-Control-Max-Age' => 86400,
                'Access-Control-Expose-Headers' => [],
            ]
        ];

        $behaviors['authenticator'] = [
            'class' => \app\filters\BearerAuth::className(),
        ];
        $behaviors['authenticator']['except'] = ['options'];
        return $behaviors;
    }


If you need it, here is the full code: https://github.com/VKaysarov/REST-API-WorldSkills-
Interestingly, UserController managed to turn off CORS like this.


1 answer(s)
Shurik, 2020-08-20
@svisch

I recently suffered with CORS on Yii. I tried all sorts of things; in the end the only thing that helped was adding the following to index.php.
I had Apache; if you have a different web server, then I think you will need to google it.

// Allow from any origin
if (isset($_SERVER['HTTP_ORIGIN'])) {
    // should do a check here to match $_SERVER['HTTP_ORIGIN'] to a
    // whitelist of safe domains
    header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
    header('Access-Control-Allow-Credentials: true');
    header('Access-Control-Max-Age: 86400');    // cache for 1 day
}
// Access-Control headers are received during OPTIONS requests
if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {

    if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']))
        header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS");

    if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
        header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");

}
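
The allowlist check that the comment in the snippet above calls for, written out as an added example (not part of the original answer or of the asker's project). The function name `corsHeaders`, the three constants and the origin and header values in them are assumptions to replace with your own.

```php
<?php
// Added example: allowlist-based CORS headers for index.php.
// All values in these constants are assumed; list only origins you control.
const ALLOWED_ORIGINS = ['http://localhost:8080', 'https://app.example.com'];
const ALLOWED_METHODS = ['GET', 'POST', 'PUT', 'PATCH', 'DELETE', 'OPTIONS'];
const ALLOWED_HEADERS = ['authorization', 'content-type'];

/**
 * Returns the CORS response header lines for one request, or [] when the
 * Origin header is absent or not on the allowlist. With no CORS headers
 * in the response, the browser refuses to expose it to the calling page.
 */
function corsHeaders(array $server): array
{
    $origin = $server['HTTP_ORIGIN'] ?? '';
    // Exact, strict string match: prefix or substring tests would also
    // accept look-alike hosts.
    if (!in_array($origin, ALLOWED_ORIGINS, true)) {
        return [];
    }
    $headers = [
        "Access-Control-Allow-Origin: $origin",
        'Access-Control-Allow-Credentials: true',
        // Stops a shared cache from serving this response to another origin.
        'Vary: Origin',
    ];
    if (($server['REQUEST_METHOD'] ?? '') === 'OPTIONS') {
        $headers[] = 'Access-Control-Allow-Methods: ' . implode(', ', ALLOWED_METHODS);
        // Grant only the requested headers that are on the fixed list,
        // instead of echoing Access-Control-Request-Headers back verbatim.
        $requested = strtolower($server['HTTP_ACCESS_CONTROL_REQUEST_HEADERS'] ?? '');
        $asked = array_map('trim', explode(',', $requested));
        $granted = array_intersect($asked, ALLOWED_HEADERS);
        if ($granted) {
            $headers[] = 'Access-Control-Allow-Headers: ' . implode(', ', $granted);
        }
        $headers[] = 'Access-Control-Max-Age: 86400'; // cache preflight for 1 day
    }
    return $headers;
}

// Emit the headers before the framework starts handling the request.
foreach (corsHeaders($_SERVER) as $line) {
    header($line);
}
```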
