V
V
v_i_kaisarov2020-07-27 15:36:50
Apache HTTP Server
v_i_kaisarov, 2020-07-27 15:36:50

Yii2 how to disable CORS?

My controller

namespace app\controllers;

use common\models\User;
use yii\rest\ActiveController;
use yii\filters\Cors;

class UserController extends ActiveController {
    public $modelClass = 'app\models\User';
    public $enableCsrfValidation = false;

    public static function allowedDomains() {
        return [
            '*',
        ];
    }

    /**
     * @inheritdoc
     */
    public function behaviors() {
        return array_merge(parent::behaviors(), [

            // For cross-domain AJAX request
            'corsFilter'  => [
                'class' => \yii\filters\Cors::className(),
                'cors'  => [
                    // restrict access to domains:
                    'Origin'                           => static::allowedDomains(),
                    'Access-Control-Request-Method'    => ['*'],
                    'Access-Control-Allow-Credentials' => true,
                    'Access-Control-Max-Age'           => 3600,                 // Cache (seconds)
                ],
            ],

        ]);
    }
}

Headers are not received in the response from the server
5f1eca4d2ce0e117866006.png

Answer the question

In order to leave comments, you need to log in

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question