Files
school2/modules/Common/Middlewares/AllowCrossDomainMiddleware.php
T
2026-07-13 15:23:29 +08:00

35 lines
1.0 KiB
PHP

<?php
namespace Modules\Common\Middlewares;
use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;
class AllowCrossDomainMiddleware
{
/**
* Handle an incoming request.
*
* @param Closure(Request): (Response) $next
*/
public function handle(Request $request, Closure $next): Response
{
$response = $next($request);
// 添加跨域头
$response->headers->set('Access-Control-Allow-Origin', '*');
$response->headers->set('Access-Control-Allow-Credentials', 'true');
$response->headers->set('Access-Control-Max-Age', 1800);
$response->headers->set('Access-Control-Allow-Methods', 'GET, POST, PUT, DELETE, OPTIONS');
$response->headers->set('Access-Control-Allow-Headers', 'Content-Type, Authorization, X-Requested-With, User-Language');
// 如果是预检请求, 返回 204
if ($request->isMethod('OPTIONS')) {
return response()->json([], 204, $response->headers->all());
}
return $response;
}
}