2015-0608

关于跨域Cors

评论关闭[作者: 分类:日积月累 ]

除了常规的jsonP等方式,还可以使用server+client方式。

server:(下面代码是为调试方便来写的,实际环境下必须设置指定的域,否则会引起安全问题!)

if (isset($_SERVER['HTTP_REFERER'])) {
	$url_parse = parse_url($_SERVER['HTTP_REFERER']);
	$port = '';
	if (isset($url_parse['port']) && $url_parse['port'] != 80) {
		$port = ':'.$url_parse['port'];
	}
	@header("Access-Control-Allow-Origin: ".$url_parse['scheme'].'://'.$url_parse['host'].$port);
}
@header("Access-Control-Allow-Credentials: true");




client:


jQuery




jQuery.ajax({
			"url": "/",
			"dataType": "json",
			"success": function (data) {
				console.log(data);
			},
			"xhrFields": {
				"withCredentials": true
			}
		});



							

					

				

					

			

				

		

		

		
		
		

		

	



	
Deepseath Modified from Green Hope Theme   ·  Proudly powered by  WordPress   ·  津ICP备09005418号-1 
	津公网安备 12010302001005号