Laravel Cors 推荐人政策

Question

当用户尝试发送新消息时，我运行在 Laravel 8 使用 ChatBro 服务进入以下错误；

Seems like the 'Referrer-Policy' of your site is 'no-referral'. For correct chat's work it must be equal 'no-referrer-when-downgrade' or any other that suits you. More information about 'Referral policy' you can find

显然，我的请求 header 设置为 Referrer Policy: no-referrer。

请求响应为；

{"error":"Referer null or empty","type":"RefererException"}

我正在使用具有以下配置的 laravel/cors 包；

'paths'                    => ['api/*', 'api0/*'],
'allowed_methods'          => ['*'],
'allowed_origins'.         => ['*'],
'allowed_origins_patterns' => [],
'allowed_headers'          => ['*'],
'exposed_headers'          => [],
'max_age'                  => 0,
'supports_credentials'     => false,

我该如何解决这个问题？

Answer 1

您可能希望在您的 Nginx 服务器块中定义它，如下所示；

server {
  # some configuration
  add_header Referrer-Policy "no-referrer-when-downgrade";
  # other configuration
}

strict-origin-when-cross-origin 优于 no-referrer-when-downgrade。

policy that is secure, privacy-enhancing, and useful—what "useful" means depends on what you want from the referrer

更多详细信息，请访问 Referrer Best Practices and Referrer Policy directives。

Laravel Cors 推荐人政策

Laravel Cors Referrer Policy

nginx

laravel

referrer-policy