PHP 클래스 yii\filters\Cors

Make sure to read carefully what CORS does and does not. CORS do not secure your API, but allow the developer to grant access to third party code (ajax calls from external domain). You may use CORS filter by attaching it as a behavior to a controller or module, like the following, php public function behaviors() { return [ 'corsFilter' => [ 'class' => \yii\filters\Cors::className(), ], ]; } The CORS filter can be specialized to restrict parameters, like this, MDN CORS Information php public function behaviors() { return [ 'corsFilter' => [ 'class' => \yii\filters\Cors::className(), 'cors' => [ restrict access to 'Origin' => ['http://www.myserver.com', 'https://www.myserver.com'], 'Access-Control-Request-Method' => ['POST', 'PUT'], Allow only POST and PUT methods 'Access-Control-Request-Headers' => ['X-Wsse'], Allow only headers 'X-Wsse' 'Access-Control-Allow-Credentials' => true, Allow OPTIONS caching 'Access-Control-Max-Age' => 3600, Allow the X-Pagination-Current-Page header to be exposed to the browser. 'Access-Control-Expose-Headers' => ['X-Pagination-Current-Page'], ], ], ]; } For more information on how to add the CORS filter to a controller, see the Guide on REST controllers.

부터: 2.0

저자: Philippe Gaultier ([email protected])

상속: extends yii\base\ActionFilter

파일 보기 프로젝트 열기: yiisoft/yii2 1 사용 예제들

공개 프로퍼티들

프로퍼티	타입	설명
$actions		define specific CORS rules for specific actions
$cors		Basic headers handled for the CORS requests.
$request		the current request. If not set, the request application component will be used.
$response		the response to be sent. If not set, the response application component will be used.

공개 메소드들

메소드	설명
addCorsHeaders ( Response $response, array $headers )	Adds the CORS headers to the response
beforeAction ( $action )
extractHeaders ( ) : array	Extract CORS headers from the request
overrideDefaultSettings ( Action $action )	Override settings for specific action
prepareHeaders ( array $requestHeaders ) : array	For each CORS headers create the specific response

보호된 메소드들

메소드	설명
headerize ( string $string ) : string	Convert any string (including php headers with HTTP prefix) to header format like : * X-PINGOTHER -> X-Pingother * X_PINGOTHER -> X-Pingother
headerizeToPhp ( string $string ) : string	Convert any string (including php headers with HTTP prefix) to header format like : * X-Pingother -> HTTP_X_PINGOTHER * X PINGOTHER -> HTTP_X_PINGOTHER
prepareAllowHeaders ( string $type, array $requestHeaders, array &$responseHeaders )	Handle classic CORS request to avoid duplicate code

메소드 상세

addCorsHeaders() 공개 메소드

Adds the CORS headers to the response

public addCorsHeaders ( Response $response, array $headers )
$response	yii\web\Response
$headers	array	CORS headers which have been computed

beforeAction() 공개 메소드

public beforeAction ( $action )

extractHeaders() 공개 메소드

Extract CORS headers from the request

public extractHeaders ( ) : array
리턴	array	CORS headers to handle

headerize() 보호된 메소드

Convert any string (including php headers with HTTP prefix) to header format like : * X-PINGOTHER -> X-Pingother * X_PINGOTHER -> X-Pingother

protected headerize ( string $string ) : string
$string	string	string to convert
리턴	string	the result in "header" format

headerizeToPhp() 보호된 메소드

Convert any string (including php headers with HTTP prefix) to header format like : * X-Pingother -> HTTP_X_PINGOTHER * X PINGOTHER -> HTTP_X_PINGOTHER

protected headerizeToPhp ( string $string ) : string
$string	string	string to convert
리턴	string	the result in "php $_SERVER header" format

overrideDefaultSettings() 공개 메소드

Override settings for specific action

public overrideDefaultSettings ( Action $action )
$action	yii\base\Action	the action settings to override

prepareAllowHeaders() 보호된 메소드

Handle classic CORS request to avoid duplicate code

protected prepareAllowHeaders ( string $type, array $requestHeaders, array &$responseHeaders )
$type	string	the kind of headers we would handle
$requestHeaders	array	CORS headers request by client
$responseHeaders	array	CORS response headers sent to the client

prepareHeaders() 공개 메소드

For each CORS headers create the specific response

public prepareHeaders ( array $requestHeaders ) : array
$requestHeaders	array	CORS headers we have detected
리턴	array	CORS headers ready to be sent

프로퍼티 상세

$actions 공개적으로 프로퍼티

define specific CORS rules for specific actions

public $actions

$cors 공개적으로 프로퍼티

Basic headers handled for the CORS requests.

public $cors

$request 공개적으로 프로퍼티

the current request. If not set, the request application component will be used.

public $request

$response 공개적으로 프로퍼티

the response to be sent. If not set, the response application component will be used.

public $response