You need to enable JavaScript to run this app.
最新活动
大模型
产品
解决方案
定价
生态与合作
支持与服务
开发者
了解我们
文档备案控制台

CORS报错提示来源不匹配http://localhost:5173,但本地无该端口进程且React运行在3000端口的问题排查求助

avatar
阿华AIGC实验室
2026-3-31
CORS报错提示来源不匹配http://localhost:5173,但本地无该端口进程且React运行在3000端口的问题排查求助

我最近碰到了一个特别诡异的CORS问题,想请大家帮忙排查下:

我在从本地PHP后端获取数据时触发了如下错误:

Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at https://localhost/login.php. (Reason: CORS header ‘Access-Control-Allow-Origin’ does not match ‘http://localhost:5173’). TypeError: NetworkError when attempting to fetch resource.

但离谱的是,我的Mac上完全没有任何进程在5173端口运行,我的React项目明明是跑在http://localhost:3000的啊!

我已经尝试过的排查操作

  • 尝试修改Apache的httpd.conf配置文件,把端口改成5173,但重启后Apache还是在8080端口提供服务
  • 反复确认React开发服务器确实运行在3000端口,没有任何变动
  • 清空了浏览器缓存,并且完全重启了Apache和React开发服务器
  • 用命令排查5173端口的占用情况,但查不到任何占用该端口的程序
  • 上周用同样的fetch请求和login.php接口完全能正常工作,没有任何问题

后端login.php代码 

<?php 
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Methods: GET, POST, PUT, DELETE, OPTIONS");
header("Access-Control-Allow-Headers: Content-Type, Authorization, X-Requested-With");
header("Access-Control-Allow-Credentials: true");
header("Content-Type: application/json");
session_start();
require "dbsession.php";

$dcdb = getDbSes();

if ($dcdb) {
    $reqbody = file_get_contents('php://input');
    $jsonar = json_decode($reqbody, TRUE);

    // Simple registration check - just 6 lines added
    if (isset($jsonar["register"]) && $jsonar["register"] === true) {
        handleRegistration($jsonar, $dcdb);
        return;
    }
    // End of addition

    if (trim($jsonar["pass"]) == "" || trim($jsonar["email"]) == "") {
        $_SESSION["uid"] = "";
        $ret = [];
        $ret["success"] = false;
        $ret["message"] = "Nonexistent user or wrong password";
        $ret["mid"] = 1;
        echo json_encode($ret);
        return;
    }

    loginOrCreate($jsonar, 0, $dcdb);
}

function loginOrCreate($jsonar, $loopcheck, $dcdb) {
    if ($loopcheck > 1) return false;
    $selectuser = $dcdb->prepare("SELECT uid, hash FROM users WHERE email=:email;");
    $selectuser->bindValue(":email", $jsonar["email"]);
    $pwd = $jsonar["pass"];

    if ($selectuser->execute()) {
        if ($selectuser->rowCount() == 0) {
            $insertuser = $dcdb->prepare("INSERT INTO users (email, hash) values (:email, :hash);");
            $insertuser->bindValue(":email", $jsonar["email"]);
            $insertuser->bindValue(":hash", password_hash($jsonar["pass"], PASSWORD_BCRYPT));
            if ($insertuser->execute()) {
                loginOrCreate($jsonar, $loopcheck+1, $dcdb);
            } else {
                $_SESSION["uid"] = "";
                $ret = [];
                $ret["success"] = false;
                $ret["message"] = "Nonexistent user or wrong password";
                $ret["mid"] = 1;
                echo json_encode($ret);
            }
        } else {
            $row = $selectuser->fetch();
            $hash = $row["hash"];
            $uid = $row["uid"];
            $selectuser->closeCursor();

            if (password_verify($jsonar["pass"], $hash)) {
                $_SESSION["uid"] = $uid;
                $ret = [];
                $ret["success"] = true;
                $ret["message"] = "User exists and has a uid.";
                $ret["mid"] = 1;
                echo json_encode($ret);
            } else {
                $_SESSION["uid"] = "";
                $ret = [];
                $ret["success"] = false;
                $ret["message"] = "Nonexistent user or wrong password";
                $ret["mid"] = 1;
                echo json_encode($ret);
            }
        }
    } else {
        $ret = [];
        $ret["success"] = false;
        $ret["message"] = "Nonexistent user or wrong password";
        $ret["mid"] = 1;
        echo json_encode($ret);
    }
}

// Added registration function - simple and clean
function handleRegistration($jsonar, $dcdb) {
    if (trim($jsonar["pass"]) == "" || trim($jsonar["email"]) == "") {
        $ret = [];
        $ret["success"] = false;
        $ret["message"] = "Email and password required";
        $ret["mid"] = 1;
        echo json_encode($ret);
        return;
    }

    // Check if user already exists
    $selectuser = $dcdb->prepare("SELECT uid FROM users WHERE email=:email;");
    $selectuser->bindValue(":email", $jsonar["email"]);

    if ($selectuser->execute()) {
        if ($selectuser->rowCount() > 0) {
            // User already exists
            $ret = [];
            $ret["success"] = false;
            $ret["message"] = "User already exists";
            $ret["mid"] = 2;
            echo json_encode($ret);
        } else {
            // Create new user
            $insertuser = $dcdb->prepare("INSERT INTO users (email, hash) values (:email, :hash);");
            $insertuser->bindValue(":email", $jsonar["email"]);
            $insertuser->bindValue(":hash", password_hash($jsonar["pass"], PASSWORD_BCRYPT));
            if ($insertuser->execute()) {
                // 原代码此处未写完,保持原样
            }
        }
    }
}

实在搞不懂为什么浏览器会认定请求来源是5173端口——明明我的React跑在3000,这个端口也根本没被占用。有没有朋友遇到过类似的情况,或者能给我一些新的排查方向?

火山引擎 最新活动

方舟 Coding Plan

HOT

模型自由,工具不限,免费解锁 ArkClaw,7*24 小时在线的专属智能伙伴

查看详情

一键部署 OpenClaw

分钟级部署,云服务器包月低至¥9.9,与 CodingPlan 组合购买仅需19.8元

查看详情

Seedance2.0 体验中心上线

注册即享免费500万Tokens,抢先领略新一代AI视频技术跃迁

查看详情

新用户特惠专场

大模型19元起,Al应用9.9元畅享,新人首购爆款尽享优惠

查看详情