跨域

app/middleware/AccessControl.php

@@ -0,0 +1,28 @@
+<?php
+
+namespace app\middleware;
+
+
+
+use Webman\MiddlewareInterface;
+use Webman\Http\Response;
+use Webman\Http\Request;
+
+class AccessControl implements MiddlewareInterface
+{
+    public function process(Request $request, callable $handler) : Response
+    {
+        // 如果是options请求则返回一个空响应，否则继续向洋葱芯穿越，并得到一个响应
+        $response = $request->method() == 'OPTIONS' ? response('') : $handler($request);
+
+        // 给响应添加跨域相关的http头
+        $response->withHeaders([
+            'Access-Control-Allow-Credentials' => 'true',
+            'Access-Control-Allow-Origin' => $request->header('origin', '*'),
+            'Access-Control-Allow-Methods' => $request->header('access-control-request-method', '*'),
+            'Access-Control-Allow-Headers' => $request->header('access-control-request-headers', '*'),
+        ]);
+
+        return $response;
+    }
+}

config/middleware.php

@@ -12,4 +12,8 @@
  * @license   http://www.opensource.org/licenses/mit-license.php MIT License
  */
 
-return [];
+return [
+    '' => [
+        app\middleware\AccessControl::class
+    ]
+];

public/index.php

@@ -4,10 +4,7 @@
  */
 
 use support\App;
-header('Access-Control-Allow-Origin: *');  // 允许所有域访问
+
-header('Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS');
-header('Access-Control-Allow-Headers: X-Requested-With, Content-Type, Accept, Origin, Authorization');
-header('Access-Control-Allow-Credentials: true');  // 允许发送Cookie等认证信息
 chdir(__DIR__);
 require_once __DIR__ . '/../vendor/autoload.php';