ajax:使用withCredentials解决跨域问题
后端配置支持多域名跨域:
$origin = isset($_SERVER['HTTP_ORIGIN']) ? $_SERVER['HTTP_ORIGIN'] : ''; $allow_origin = array( 'https://www.a.cn', 'https://m.b.cn' ); if(in_array($origin, $allow_origin)){ header('Access-Control-Allow-Origin:'.$origin); header('Access-Control-Allow-Methods:POST, GET'); header('Access-Control-Allow-Headers:x-requested-with,content-type'); header("Access-Control-Allow-Credentials: true"); }
前端ajax配置:
$.ajax({ url: "http://localhost:8080/orders", type: "GET", xhrFields: { withCredentials: true }, crossDomain: true, success: function (data) { render(data); } });