dshyu6866 2017-07-27 16:41
浏览 83

对symfony api的ajax请求返回没有'Access-Control-Allow-Origin'标头存在

I am making simple application with React that sends ajax requests to API made with Symfony. I am developing both the react app and symfony api. I am sending request from localhost:3000 to localhost:8000. Here is the ajax request that I am sending

addUser (data) {
    console.log('made it')
    let request = {
      method: 'post',
      url: '',
      data: JSON.stringify({'username': data}),
      contentType: 'application/json'
      .done(data => this.addUserSuccess(data))
      .fail(err => this.addUserFail(err))

and here is the Symmfony app that takes care of the request

     * Creates a new user entity.
     * @Route("/post", name="user_new")
     * @Method({"GET", "POST"})
    function newAction(Request $request ) {
        echo $request;
        $body = $request->getContent();
        $body = json_decode($body,true);
        $username = $body['username'];
        $user = new User($username);
        $em = $this->getDoctrine()->getManager();

        return new JsonResponse($user,200,array('Access-Control-Allow-Origin'=> '*'));

I am so far in the beginning and as you can see I am creating new user without password, security or anything. I just want to make it work and be able to send request from the app to the api. Here is the result

XMLHttpRequest cannot load Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:3000' is therefore not allowed access. The response had HTTP status code 405.

I have seen many questions like this one before and one of the answers was to return JsonResponse with the header and as you can see it does not work.

Here is one of the quenstions whose answer I followed - Origin is not allowed by Access-Control-Allow-Origin but unfortunately with no success.

Can you tell me how to fix it? Thank you in advance!

  • 写回答

2条回答 默认 最新

  • doumeng1089 2017-07-27 17:00

    Here's what I'm doing for the same situation. In app/config/config_dev.yml, add a new service. Putting this in config_dev.yml means this will only affect requests through app_dev.php.

            class: AppBundle\Security\CorsListener
                - { name: kernel.event_listener, event: kernel.response, method: onKernelResponse }

    And the contents of AppBundle/Security/CorsListener.php:

    namespace AppBundle\Security;
    use Symfony\Component\HttpKernel\Event\FilterResponseEvent;
    // Based on http://stackoverflow.com/a/21720357
    class CorsListener
        public function onKernelResponse(FilterResponseEvent $event)
            $responseHeaders = $event->getResponse()->headers;
            $responseHeaders->set('Access-Control-Allow-Headers', 'origin, content-type, accept, credentials');
            $responseHeaders->set('Access-Control-Allow-Origin', 'http://localhost:8080');
            $responseHeaders->set('Access-Control-Allow-Credentials', 'true');
            $responseHeaders->set('Access-Control-Allow-Methods', 'POST, GET, PUT, DELETE, PATCH, OPTIONS');
    本回答被题主选为最佳回答 , 对您是否有帮助呢?



  • ¥20 R语言单细胞测序 对seurat对象进行标准化时出现问题
  • ¥15 Anaconda navigator updateor一直更新
  • ¥15 请问如何在matlab里使用raven工具?
  • ¥100 关于ios手游充值到一定金额,再点充值提示公众号的问题。
  • ¥15 求一个stm32串口控制程序
  • ¥20 Windows 驱动开发版本疑问相关
  • ¥15 MAC 未能打开磁盘映像
  • ¥15 fastcap使用,二维导体输入问题
  • ¥15 hosts修改后不能访问
  • ¥15 关于化学反应速率C++编译问题/FLUENT