Set Access-Control-Allow-Origin to achieve cross-domain access

亚连
Release: 2018-05-22 17:28:37
Original
4206 people have browsed it

This article mainly introduces Ajax setting Access-Control-Allow-Origin to achieve cross-domain access. It is very good and has reference value. Friends in need can refer to it

ajax cross-domain access is an old There are many solutions to the problem. The more commonly used method is the JSONP method. The JSONP method is an unofficial method, and this method only supports the GET method, which is not as safe as the POST method.

Even if you use the jsonp method ofjQueryand set the type to POST, it will automatically change to GET.

Official problem description:

“script”: Evaluates the response asJavaScriptand returns it as plain text. Disables caching by appending a query string parameter, “_= [TIMESTAMP]", to the URL unless the cache option is set to true. Note:This will turn POSTs into GETs for remote-domain requests.

If you use POST across domains, You can create a hidden iframe to achieve this, which is the same as ajax uploading images, but this will be more troublesome.

Therefore, it is relatively simple to achieve cross-domain access by settingAccess-Control-Allow-Origin.

For example: the client's domain name is www.client.com, and the requested domain name is www.server.com

If you directly use ajax to access, there will be the following error

XMLHttpRequest cannot load http://www.server.com/server.PHP. No 'Access-Control-Allow-Origin' header is present on the requested resource.Origin 'http://www.client.com' is therefore not allowed access.

Add

// 指定允许其他域名访问 header('Access-Control-Allow-Origin:*'); // 响应类型 header('Access-Control-Allow-Methods:POST'); // 响应头设置 header('Access-Control-Allow-Headers:x-requested-with,content-type');
Copy after login

to the requested Response header to achieve ajax POST cross-domain access.

The code is as follows:

client.html Path: http://www.client.com/client.html

     跨域测试   

Copy after login

server.php Path: http://www .server.com/server.php

 isset($_POST['name'])? $_POST['name'] : '', 'gender' => isset($_POST['gender'])? $_POST['gender'] : '' ); header('content-type:application:json;charset=utf8'); header('Access-Control-Allow-Origin:*'); header('Access-Control-Allow-Methods:POST'); header('Access-Control-Allow-Headers:x-requested-with,content-type'); echo json_encode($ret); ?>
Copy after login

Access-Control-Allow-Origin:* means allowing cross-domain access from any domain name

If you needSpecify a domain nameto allow it For cross-domain access, just change Access-Control-Allow-Origin:* to Access-Control-Allow-Origin:allowed domain names

For example: header('Access-Control- Allow-Origin:http://www.client.com');

If you needSet multiple domain namesto allow access, you need to use php to process it

For example Allow www.client.com and www.client2.com to have cross-domain access to

server.php and change it to

 isset($_POST['name'])? $_POST['name'] : '', 'gender' => isset($_POST['gender'])? $_POST['gender'] : '' ); header('content-type:application:json;charset=utf8'); $origin = isset($_SERVER['HTTP_ORIGIN'])? $_SERVER['HTTP_ORIGIN'] : ''; $allow_origin = array( 'http://www.client.com', 'http://www.client2.com' ); if(in_array($origin, $allow_origin)){ header('Access-Control-Allow-Origin:'.$origin); header('Access-Control-Allow-Methods:POST'); header('Access-Control-Allow-Headers:x-requested-with,content-type'); } echo json_encode($ret); ?>
Copy after login

. The above is what I compiled for everyone. I hope it will be helpful to everyone in the future.

Related articles:

Ajax implements dynamic loading of data

Solution to spring mvc returning json data toajaxerror reporting parseerror problem

Various postures of front-endajaxto interact with the back-end (graphic tutorial)

The above is the detailed content of Set Access-Control-Allow-Origin to achieve cross-domain access. For more information, please follow other related articles on the PHP Chinese website!

Related labels:
source:php.cn
Statement of this Website
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Latest Downloads
More>
Web Effects
Website Source Code
Website Materials
Front End Template
About us Disclaimer Sitemap
php.cn:Public welfare online PHP training,Help PHP learners grow quickly!