Мой контроллер
namespace app\controllers;
use common\models\User;
use yii\rest\ActiveController;
use yii\filters\Cors;
class UserController extends ActiveController {
public $modelClass = 'app\models\User';
public $enableCsrfValidation = false;
public static function allowedDomains() {
return [
'*',
];
}
/**
* @inheritdoc
*/
public function behaviors() {
return array_merge(parent::behaviors(), [
// For cross-domain AJAX request
'corsFilter' => [
'class' => \yii\filters\Cors::className(),
'cors' => [
// restrict access to domains:
'Origin' => static::allowedDomains(),
'Access-Control-Request-Method' => ['*'],
'Access-Control-Allow-Credentials' => true,
'Access-Control-Max-Age' => 3600, // Cache (seconds)
],
],
]);
}
}
В ответе от сервера заголовки не приходят
Простой
