質問編集履歴

headerレスポンスです。

2020/08/23 05:42

投稿

退会済みユーザー

スコア0

test CHANGED Viewed

File without changes

test CHANGED Viewed

@@ -142,6 +142,72 @@
+```
+Request URL: https://xxx/wp-json/wp/v2/xxx
+Request Method: OPTIONS
+Status Code: 401
+Remote Address: xx.xx.xx.xx
+Referrer Policy: no-referrer-when-downgrade
+content-length: 2784
+content-type: text/html
+date: Sun, 23 Aug 2020 05:22:28 GMT
+etag: "ae0-57776badffe36"
+last-modified: Fri, 05 Oct 2018 08:05:08 GMT
+server: nginx
+status: 401
+www-authenticate: Basic realm="Member Site"
+:authority: xx.xx.xx
+:method: OPTIONS
+:path: /wp-json/wp/v2/xxx
+:scheme: https
+accept: */*
+accept-encoding: gzip, deflate, br
+accept-language: ja,en-US;q=0.9,en;q=0.8
+access-control-request-headers: authorization
+access-control-request-method: POST
+cache-control: no-cache
+origin: https://xxx
+pragma: no-cache
+referer: https://xxx
+sec-fetch-dest: empty
+sec-fetch-mode: cors
+sec-fetch-site: cross-site
+user-agent: xxx
+```
 function.phpやhttp.php、admin-ajax.php、.htaccessなどにもheader( 'Access-Control-Allow-Origin: *')を追加してみましたがダメでした。
 ベーシック認証がかかっているとワイルドカードは使えないという情報も見たのでheader( 'Access-Control-Allow-Origin: https://****')とアドレスを指定してみましたがうまくいきません。

試したコードとその結果です

2020/08/23 05:42

投稿

退会済みユーザー

スコア0

test CHANGED Viewed

File without changes

test CHANGED Viewed

@@ -68,6 +68,78 @@
+```
+[ functions.phpに追加 ]
+function my_customize_rest_cors() {
+	remove_filter( 'rest_pre_serve_request', 'rest_send_cors_headers' );
+	add_filter( 'rest_pre_serve_request', function( $value ) {
+		header( 'Access-Control-Allow-Origin: https://xxx' );
+		header( 'Access-Control-Allow-Methods: GET' );
+		header( 'Access-Control-Allow-Credentials: true' );
+		return $value;
+	} );
+}
+add_action( 'rest_api_init', 'my_customize_rest_cors', 15 );
+[ 結果 ]
+Access to XMLHttpRequest at 'https://xxx/wp-json/wp/v2/xxx' from origin 'https:xxx' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
+```
+```
+[ admin-ajax.phpに追加 ]
+header( 'Access-Control-Allow-Origin: https://xxx' );
+header( 'Access-Control-Allow-Methods: GET' );
+header( 'Access-Control-Allow-Credentials: true' );
+[ 結果 ]
+Access to XMLHttpRequest at 'https://xxx/wp-json/wp/v2/xxx' from origin 'https:xxx' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
+```
+```
+[ .htaccessに追加 ]
+Header set Access-Control-Allow-Origin: http://xxx
+Header set Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE
+Header set Access-Control-Allow-Credentials: true
+[ 結果 ]
+Access to XMLHttpRequest at 'https://xxx/wp-json/wp/v2/xxx' from origin 'https:xxx' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
+```
 function.phpやhttp.php、admin-ajax.php、.htaccessなどにもheader( 'Access-Control-Allow-Origin: *')を追加してみましたがダメでした。

2020/08/23 05:36

投稿

退会済みユーザー

スコア0

test CHANGED Viewed

File without changes

test CHANGED Viewed

@@ -26,7 +26,7 @@
     add_filter( 'rest_pre_serve_request', function( $value ) {
-        //header( 'Access-Control-Allow-Origin: ' . $origin );
+        header( 'Access-Control-Allow-Origin: ' . $origin );
         header( 'Access-Control-Allow-Methods: POST, GET, OPTIONS, PUT, DELETE' );