更新

app/api/middleware/AccessControlTest.php

@@ -0,0 +1,39 @@
+<?php
+/**
+ * This file is part of webman.
+ *
+ * Licensed under The MIT License
+ * For full copyright and license information, please see the MIT-LICENSE.txt
+ * Redistributions of files must retain the above copyright notice.
+ *
+ * @author    walkor<walkor@workerman.net>
+ * @copyright walkor<walkor@workerman.net>
+ * @link      http://www.workerman.net/
+ * @license   http://www.opensource.org/licenses/mit-license.php MIT License
+ */
+
+namespace app\api\middleware;
+
+
+use Webman\MiddlewareInterface;
+use Webman\Http\Response;
+use Webman\Http\Request;
+
+class AccessControlTest implements MiddlewareInterface
+{
+    public function process(Request $request, callable $handler) : Response
+    {
+        // 如果是opitons请求则返回一个空的响应，否则继续向洋葱芯穿越，并得到一个响应
+        $response = $request->method() == 'OPTIONS' ? response('') : $handler($request);
+
+        // 给响应添加跨域相关的http头
+        $response->withHeaders([
+            'Access-Control-Allow-Credentials' => 'true',
+            'Access-Control-Allow-Origin' => $request->header('origin', '*'),
+            'Access-Control-Allow-Methods' => $request->header('access-control-request-method', '*'),
+            'Access-Control-Allow-Headers' => $request->header('access-control-request-headers', '*'),
+        ]);
+
+        return $response;
+    }
+}

app/api/middleware/StaticFile.php

@@ -1,42 +0,0 @@
-<?php
-/**
- * This file is part of webman.
- *
- * Licensed under The MIT License
- * For full copyright and license information, please see the MIT-LICENSE.txt
- * Redistributions of files must retain the above copyright notice.
- *
- * @author    walkor<walkor@workerman.net>
- * @copyright walkor<walkor@workerman.net>
- * @link      http://www.workerman.net/
- * @license   http://www.opensource.org/licenses/mit-license.php MIT License
- */
-
-namespace app\api\middleware;
-
-use Webman\MiddlewareInterface;
-use Webman\Http\Response;
-use Webman\Http\Request;
-
-/**
- * Class StaticFile
- * @package app\middleware
- */
-class StaticFile implements MiddlewareInterface
-{
-    public function process(Request $request, callable $next): Response
-    {
-        // Access to files beginning with. Is prohibited
-        if (strpos($request->path(), '/.') !== false) {
-            return response('<h1>403 forbidden</h1>', 403);
-        }
-        /** @var Response $response */
-        $response = $next($request);
-        // Add cross domain HTTP header
-        /*$response->withHeaders([
-            'Access-Control-Allow-Origin'      => '*',
-            'Access-Control-Allow-Credentials' => 'true',
-        ]);*/
-        return $response;
-    }
-}

config/middleware.php

@@ -12,4 +12,9 @@
  * @license   http://www.opensource.org/licenses/mit-license.php MIT License
  */
 
-return [];
+return [
+    '' => [
+        // ... 这里省略其它中间件
+        app\api\middleware\AccessControlTest::class,
+    ]
+];