zhaobiao/app/middleware/CrossDomain.php

<?php
/**
 *
 * HeaderAllow.php
 * User: ChenLong
 * DateTime: 2020/4/14 15:16
 */


namespace app\middleware;


use think\Request;

/**
 * 跨域设置
 * Class HeaderAllow
 * @package app\middleware
 * @author chenlong <vip_chenlong@163.com>
 */
class CrossDomain
{
    /**
     * 允许的跨域设置的app
     * @return array
     */
    private function allowApp()
    {
        return explode(',', env('CROSS_DOMAIN.ALLOW_APP', ''));
    }

    /**
     * 允许的参数
     * @return array
     */
    private function allowParam()
    {
        $allowParam = [
            'Authorization', 'Content-Type', 'If-Match', 'If-Modified-Since',
            'If-None-Match', 'If-Unmodified-Since', 'X-Requested-With',
            // 上面是常用，下面是加Token时定义
            'Token', 'Refresh-Token'
        ];

        // debug 模式时免token验证
        if (env('APP_DEBUG') && env('CROSS_DOMAIN.NO_TOKEN')) {
            $allowParam[] = env('CROSS_DOMAIN.NO_TOKEN') ;
        }

        return $allowParam;
    }


    public function handle(Request $request, \Closure $closure)
    {
        if (in_array(app('http')->getName(), $this->allowApp())) {

            $Origin = env('APP_DEBUG') ? '*' : env('CROSS_DOMAIN.ALLOW_DOMAIN', '*');

            header('Access-Control-Allow-Origin:' . $Origin);
            header('Access-Control-Allow-Methods:' . env('CROSS_DOMAIN.ALLOW_METHOD', 'POST,GET,OPTIONS'));
            header('Access-Control-Allow-Headers:' . implode(',', $this->allowParam()));
            // 更多....

        }

        return $closure($request);
    }
}
first commit 3 years ago			`<?php`
			`/**`
			`*`
			`* HeaderAllow.php`
			`* User: ChenLong`
			`* DateTime: 2020/4/14 15:16`
			`*/`


			`namespace app\middleware;`


			`use think\Request;`

			`/**`
			`* 跨域设置`
			`* Class HeaderAllow`
			`* @package app\middleware`
			`* @author chenlong <vip_chenlong@163.com>`
			`*/`
			`class CrossDomain`
			`{`
			`/**`
			`* 允许的跨域设置的app`
			`* @return array`
			`*/`
			`private function allowApp()`
			`{`
			`return explode(',', env('CROSS_DOMAIN.ALLOW_APP', ''));`
			`}`

			`/**`
			`* 允许的参数`
			`* @return array`
			`*/`
			`private function allowParam()`
			`{`
			`$allowParam = [`
			`'Authorization', 'Content-Type', 'If-Match', 'If-Modified-Since',`
			`'If-None-Match', 'If-Unmodified-Since', 'X-Requested-With',`
			`// 上面是常用，下面是加Token时定义`
			`'Token', 'Refresh-Token'`
			`];`

			`// debug 模式时免token验证`
			`if (env('APP_DEBUG') && env('CROSS_DOMAIN.NO_TOKEN')) {`
			`$allowParam[] = env('CROSS_DOMAIN.NO_TOKEN') ;`
			`}`

			`return $allowParam;`
			`}`


			`public function handle(Request $request, \Closure $closure)`
			`{`
			`if (in_array(app('http')->getName(), $this->allowApp())) {`

			`$Origin = env('APP_DEBUG') ? '' : env('CROSS_DOMAIN.ALLOW_DOMAIN', '');`

			`header('Access-Control-Allow-Origin:' . $Origin);`
			`header('Access-Control-Allow-Methods:' . env('CROSS_DOMAIN.ALLOW_METHOD', 'POST,GET,OPTIONS'));`
			`header('Access-Control-Allow-Headers:' . implode(',', $this->allowParam()));`
			`// 更多....`

			`}`

			`return $closure($request);`
			`}`
			`}`