diff --git a/app/common/middleware/AllowCrossDomain.php b/app/common/middleware/AllowCrossDomain.php index 2a862821..4ecb9663 100644 --- a/app/common/middleware/AllowCrossDomain.php +++ b/app/common/middleware/AllowCrossDomain.php @@ -55,6 +55,10 @@ public function handle(Request $request, Closure $next, ?array $header = []): Re } } + if ($request->isOptions()) { + return response('', 204, $header); + } + $request->allowCrossDomainHeaders = $header; return $next($request)->header($header); diff --git a/public/index.php b/public/index.php index 5468af68..403b65f6 100644 --- a/public/index.php +++ b/public/index.php @@ -12,23 +12,13 @@ // [ 应用入口文件 ] namespace think; -/* - * 不在tp加载后判断,为了安全的使用exit() - * 使用绝对路径,确保花里胡哨的url均能正确判定和跳转 - */ -if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') { - header("Access-Control-Allow-Credentials: true"); - header("Access-Control-Max-Age: 86400"); - header("Access-Control-Allow-Methods: GET, POST, PATCH, PUT, DELETE, OPTIONS"); - header("Access-Control-Allow-Headers: " . $_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']); - header("Access-Control-Allow-Origin: *"); - exit(); -} - -$rootPath = $_SERVER['DOCUMENT_ROOT'] . DIRECTORY_SEPARATOR; -$server = isset($_REQUEST['server']) || isset($_SERVER['HTTP_SERVER']) || substr($_SERVER['REQUEST_URI'], 1, 9) == 'index.php'; +$server = isset($_REQUEST['server']) || isset($_SERVER['HTTP_SERVER']) || substr($_SERVER['REQUEST_URI'], 1, 9) == 'index.php' || $_SERVER['REQUEST_METHOD'] == 'OPTIONS'; if (!$server) { - // 用户访问前端 + /* + * 用户访问前端 + * 不在tp加载后判断,为了安全的使用 exit()(常驻内存运行时不走本文件) + */ + $rootPath = $_SERVER['DOCUMENT_ROOT'] . DIRECTORY_SEPARATOR; // 安装检测-s if (!is_file($rootPath . 'install.lock') && is_file($rootPath . 'install' . DIRECTORY_SEPARATOR . 'index.html')) { @@ -37,10 +27,7 @@ } // 安装检测-e - /* - * 检测是否已编译前端-s - * 如果存在 index.html 则访问 index.html - */ + // 检测是否已编译前端(如果存在 index.html,则访问)-s if (is_file($rootPath . 'index.html')) { header("location:" . DIRECTORY_SEPARATOR . 'index.html'); exit();