frontend-admin / Daocheng-Yading

Cors.php 917 Bytes
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 
<?php
declare(strict_types=1);

namespace app\middleware;

use Closure;
use think\Request;
use think\Response;

class Cors
{
    public function handle(Request $request, Closure $next): Response
    {
        $origin = $request->header('origin', '*');
        $header = [
            'Access-Control-Allow-Origin'      => $origin ?: '*',
            'Access-Control-Allow-Methods'     => 'GET, POST, PUT, OPTIONS, DELETE',
            'Access-Control-Allow-Headers'     => 'Content-Type, Authorization, X-Admin-Token, X-Requested-With',
            'Access-Control-Allow-Credentials' => 'true',
            'Access-Control-Max-Age'           => '86400',
        ];
        if (strtoupper($request->method()) === 'OPTIONS') {
            return response('', 204)->header($header);
        }
        /** @var Response $response */
        $response = $next($request);
        return $response->header($header);
    }
}