Several forms of cross-domain implementation in PHP
##1. JSONP (JSON with padding) principle
Use the script tag in HTML to load js in other domains, and use script src to obtain data in other domains. However, because it is introduced through tags, So, the requested JSON format data will be run and processed as js. Obviously, this operation will not work.
Therefore, it is necessary to package the returned data in advance and encapsulate it into a function for running processing. The function name is passed to the background through the interface parameter transfer method. After the background parses the function name, it will be used in the original Wrap this function name on the data and send it to the front end. (JSONP requires the cooperation of the backend of the corresponding interface to achieve)
Example:
<script>function showData(ret){ console.log(ret); }</script><script src="http://api.jirengu.com/weather.php?callback=showData"></script>
2. CORS
The full name of CORS is cross-origin resource sharing (Cross-Origin Resource Sharing), which is a An ajax cross-domain resource request method that supports modern browsers, and IE supports 10 and above.
Implementation method:
When usingXMLHttpRequest to send a request, the browser finds that the request does not comply with the same-origin policy and adds the A request header:
Origin, and a series of processing is performed in the background. If the request is determined to be accepted, a response header is added to the return result:
Access-Control-Allow-Origin; the browser determines Does the corresponding header contain the value of Origin? If so, the browser will process the response and we can get the response data. If not, the browser will directly reject it. At this time, we cannot get the response data.
server.js
var http = require('http') var fs = require('fs') var path = require('path') var url = require('url')http.createServer(function(req, res){ var pathObj = url.parse(req.url, true) switch (pathObj.pathname) { case '/getNews': var news = [ "第11日前瞻:中国冲击4金 博尔特再战200米羽球", "正直播柴飚/洪炜出战 男双力争会师决赛", "女排将死磕巴西!郎平安排男陪练模仿对方核心" ] res.setHeader('Access-Control-Allow-Origin','http://localhost:8080') //res.setHeader('Access-Control-Allow-Origin','*') res.end(JSON.stringify(news)) break; default: fs.readFile(path.join(__dirname, pathObj.pathname), function(e, data){ if(e){ res.writeHead(404, 'not found') res.end('<h1>404 Not Found</h1>') }else{ res.end(data) } }) }}).listen(8080)
index.html
<!DOCTYPE html><html><body> <div class="container"> <ul class="news"></ul> <button class="show">show news</button> </div><script> $('.show').addEventListener('click', function(){ var xhr = new XMLHttpRequest() xhr.open('GET', 'http://127.0.0.1:8080/getNews', true) xhr.send() xhr.onload = function(){ appendHtml(JSON.parse(xhr.responseText)) } }) function appendHtml(news){ var html = '' for( var i=0; i<news.length; i++){ html += '<li>' + news[i] + '</li>' } $('.news').innerHTML = html } function $(selector){ return document.querySelector(selector) } </script> </html>
3 , postMessage
Assuming there are two domain names (the domain names of the main domain are inconsistent), and the iframe page is allowed to access the call, then it can be implemented with postMessage.Principle: a domain name sends a request for postMessage, and b domain name hears the message event, and processes and returns the data
//b域名<script>window.frames[0].postMessage(this.value, '*'); //*号表示在任何域下都可以接收message window.addEventListener('message', function(e){ console.log(e.data); });</script>
The above is the detailed content of Several ways of cross-domain php. For more information, please follow other related articles on the PHP Chinese website!