wpic-dev/datahub
3
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
master
datahub/backend/config/autoload/cors.php
T
admin ddb8746954 添加安装部署脚本
2026-05-11 10:41:36 +08:00

39 lines
1.1 KiB
PHP
Raw Permalink Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<?php
declare(strict_types=1);
/**
* CORS 配置
*
* 前端 Vue (http://server:8080) 跨源访问后端 (http://server:9501) 时必需。
* 由于前端走 Bearer tokenAuthorization header)而非 cookie
* supports_credentials 保持 falseallowed_origins 可使用 '*'。
*
* 生产环境如要收紧,把 allowed_origins 改成具体域名列表。
*/
return [
// 仅对 /api/* 启用 CORS(前端调用都带此前缀)
'paths' => ['api/*'],
// 允许的方法
'allowed_methods' => ['*'],
// 允许的源(通配;若改成 supports_credentials=true,必须列具体域名)
'allowed_origins' => ['*'],
// 允许的源(正则匹配,按需启用)
'allowed_origins_patterns' => [],
// 允许的请求头
'allowed_headers' => ['*'],
// 暴露给前端的响应头
'exposed_headers' => [],
// 预检请求缓存时间(秒)
'max_age' => 7200,
// 是否允许携带凭证(cookie / 客户端证书);本项目用 Bearer token,保持 false
'supports_credentials' => false,
];
Reference in New Issue View Git Blame Copy Permalink