科技改变生活-雨落星辰 - 所有的伟大,都源于一个勇敢的开始

    最新消息:雨落星辰是一个专注网站SEO优化、网站SEO诊断、搜索引擎研究、网络营销推广、网站策划运营及站长类的自媒体原创博客
    你的位置: 首页>programmer>javascript - CORS: Can't get POST request body. - Stack Overflow

    javascript - CORS: Can't get POST request body. - Stack Overflow

    programmeradmin0浏览0评论

    I am trying to make request with XMLHttpRequest from file://example.html to http://localhost/index.php. I read a lot about CORS(in this case origin is null, this is OK.) and i have no idea what i am doing wrong. My request finishes well but the $_POST is empty! Except if i set "Content-type: application/x-www-form-urlencoded". But "text/plain" or "application/json" gives no result in $_POST... Why?

        xhr.open("POST", "http://localhost/index.php", true);
    xhr.setRequestHeader("Content-Type", "application/json");
    xhr.onreadystatechange = handler;
    xhr.send({'a':'12'});

    I am trying to make request with XMLHttpRequest from file://example.html to http://localhost/index.php. I read a lot about CORS(in this case origin is null, this is OK.) and i have no idea what i am doing wrong. My request finishes well but the $_POST is empty! Except if i set "Content-type: application/x-www-form-urlencoded". But "text/plain" or "application/json" gives no result in $_POST... Why?

        xhr.open("POST", "http://localhost/index.php", true);
    xhr.setRequestHeader("Content-Type", "application/json");
    xhr.onreadystatechange = handler;
    xhr.send({'a':'12'});
    • javascript
    • php
    • cors
    Share Improve this question asked Jul 25, 2015 at 8:41 JohnJohn 1111 silver badge6 bronze badges
    Add a ment  | 

    2 Answers 2

    Reset to default 5

    You are probably doing one of these two things wrong:

    If the content-type is not application/x-www-form-urlencoded, CORS must send a preflight request. That means that the browser will send before doing the POST request an OPTIONS request, which is used to determine if the POST request is allowed. Take a look here how this works.

    Secondly, if you use xhr.setRequestHeader("Content-Type", "application/json"), the $_POST parameters will not be filled with parameters, this is only the case for application/x-www-form-urlencoded. To get the JSON you send, you will have to do:

    <?php
  $input = json_decode(file_get_contents("php://input"), true);
  echo $input['a']; //echoes: 12

    For more info, see this question.

    Furthermore, if you go into the debugging facilities of any decent browser, it will create an error message if the CORS request is not allowed, please be sure to check if the CORS request was actually made by the browser.

    I hope this helps you.

    plementing @user23127 response

    server side should have something like this to respond to the OPTIONS preflight request:

    if (request.method === 'OPTIONS') {
  htmlRes = HttpResponse()
  htmlRes['Access-Control-Allow-Origin']='*' // or your not origin domain
  htmlRes['Access-Control-Allow-Methods']='*' // or POST, GET, PUT, DELETE
  htmlRes['Access-Control-Allow-Headers']='*' // Content-Type, X-REQUEST
}
// the rest of the code as if it was not a CORS request

    与本文相关的文章

    发布评论

    评论列表(0)

    1. 暂无评论