29 lines
1006 B
PHP
29 lines
1006 B
PHP
|
<?php
|
|||
|
|
namespace app\middleware;
|
|||
|
|
|
|||
|
|
use Webman\Http\Request;
|
|||
|
|
use Webman\Http\Response;
|
|||
|
|
use Webman\MiddlewareInterface;
|
|||
|
|
|
|||
|
|
class CrossDomain implements MiddlewareInterface
|
|||
|
|
{
|
|||
|
|
public function process(Request $request, callable $next): Response
|
|||
|
|
{
|
|||
|
|
// 动态允许请求来源(支持携带Cookie)
|
|||
|
|
$origin = $request->header('origin', '*');
|
|||
|
|
$response = $next($request);
|
|||
|
|
|
|||
|
|
// 设置跨域响应头
|
|||
|
|
$response->withHeaders([
|
|||
|
|
'Access-Control-Allow-Origin' => $origin,
|
|||
|
|
'Access-Control-Allow-Methods' => 'GET, POST, PUT, DELETE, OPTIONS',
|
|||
|
|
'Access-Control-Allow-Headers' => 'Content-Type, Authorization, X-Requested-With',
|
|||
|
|
'Access-Control-Allow-Credentials' => 'true', // 允许携带Cookie
|
|||
|
|
'Access-Control-Max-Age' => 86400, // 预检请求缓存时间(秒)
|
|||
|
|
'Vary' => 'Origin' // 避免缓存干扰
|
|||
|
|
]);
|
|||
|
|
|
|||
|
|
return $response;
|
|||
|
|
}
|
|||
|
|
}
|