允許我的API通過AJAX訪問

Question

我有一個API在服務器上獲取某個日期。

public function post_events() 
{ 
    header('Access-Control-Allow-Origin: *'); 
    header('Access-Control-Allow-Methods: GET, POST'); 
    header("Access-Control-Allow-Headers: X-Requested-With"); 

    $city = Input::post('city','all'); 
    $c = Model_chart::format_chart($city); 
    return $this->response($c); 
} 

它在通常的捲曲方法上工作正常。但我試圖在Angular.js上使用$ http來訪問它，它給我帶來了這個錯誤。

XMLHttpRequest cannot load http://event.deremoe.com/vendor/events.json . No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin ' http://app.event.chart ' is therefore not allowed access.

正如你所看到的，我已經在函數中添加了標題。我也檢查了curl，並且在我調用api時連接了標題Access-Control-Allow-Origin。

有什麼我在這裏失蹤？

更多信息：這是通過正常捲曲返回給我的標題信息。

Remote Address:104.28.19.112:80 
Request URL:http://event.deremoe.com/vendor/events.json 
Request Method:OPTIONS 
Status Code:404 Not Found 

Request Headersview source 
Accept:*/* 
Accept-Encoding:gzip,deflate,sdch 
Accept-Language:en-US,en;q=0.8 
Access-Control-Request-Headers:accept, content-type 
Access-Control-Request-Method:POST 
Connection:keep-alive 
Host:event.deremoe.com 
Origin:http://app.event.chart 
Referer:http://app.event.chart/ 
User-Agent:Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.120 Safari/537.36 

Response Headersview source 
CF-RAY:16f687416fe30c35-SEA 
Connection:keep-alive 
Content-Encoding:gzip 
Content-Type:text/html; charset=UTF-8 
Date:Thu, 25 Sep 2014 10:27:17 GMT 
Server:cloudflare-nginx 
Set-Cookie:__cfduid=d1a9e4283faacc0a2b029efef586b6b931411640837342; expires=Mon, 23-Dec-2019 23:50:00 GMT; path=/; domain=.deremoe.com; HttpOnly 
Transfer-Encoding:chunked 
X-Powered-By:PHP/5.4.30 

Answer 1

瀏覽器發出第一個飛行前的選項調用您的API，這是什麼觸發錯誤：Access-Control-Allow-Origin。你可以創建自己的API接受的所有選項請求一個端點，你必須也有設置的標頭就像崗位事件：

header('Access-Control-Allow-Origin: *'); 

，你還會收到的404未找到的狀態代碼。這意味着無法找到OPTIONS端點。