Home > Backend Development > PHP Tutorial > Why is my CORS implementation not working in PHP?

Why is my CORS implementation not working in PHP?

Barbara Streisand
Release: 2024-11-04 10:24:29
Original
468 people have browsed it

Why is my CORS implementation not working in PHP?

CORS Not Functioning in PHP: A Resolved Case

Implementing Cross-Origin Resource Sharing (CORS) to facilitate data exchange across different origins is a common challenge. However, encountering CORS-related errors can be frustrating.

A user recently reported facing issues with CORS while attempting to submit form data from www.siteone.com to www.sitetwo.com. Despite implementing the required header settings in the "cors.php" file on the target domain, the user received "Access-control-Allow-Origin" errors.

Analysis and Solution:

Upon examining the code and headers, it was discovered that the initial implementation of CORS headers was incomplete. The following code snippet used in "cors.php" was not sufficient:

<code class="php">header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: POST, GET, OPTIONS');</code>
Copy after login

To handle CORS requests comprehensively, a more detailed response is necessary. The following updated code provided a valid solution:

<code class="php">// Allow from any origin
if (isset($_SERVER['HTTP_ORIGIN'])) {
    header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
    header('Access-Control-Allow-Credentials: true');
    header('Access-Control-Max-Age: 86400');    // cache for 1 day
}

// Access-Control headers are received during OPTIONS requests
if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {

    if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']))
        header("Access-Control-Allow-Methods: GET, POST, OPTIONS");         

    if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
        header("Access-Control-Allow-Headers:        {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");

    exit(0);
}

echo "You have CORS!";</code>
Copy after login

Conclusion:

The CORS implementation error was resolved by incorporating the additional code lines that allowed requests from any origin, enabled credentials, and set a cache duration. This enhanced CORS handling ensured successful cross-origin data exchange.

The above is the detailed content of Why is my CORS implementation not working in PHP?. For more information, please follow other related articles on the PHP Chinese website!

source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Latest Articles by Author
Popular Tutorials
More>
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template