合规国际互联网加速 OSASE为企业客户提供高速稳定SD-WAN国际加速解决方案。 广告
apache部分 ``` <Directory "/home/ssdb/admin"> Header set Access-Control-Allow-Origin * Header set Access-Control-Allow-Methods "GET, POST, OPTIONS, PUT, DELETE" #Header set Access-Control-Allow-Headers "Content-Type" #Header set Access-Control-Expose-Headers * Header set Access-Control-Allow-Headers "unionid,shop_id,colonel_id,express1_id,express2_id" #Header set Access-Control-Allow-Credentials " true" #Header set Access-Control-Max-Age " 1728000" Options FollowSymLinks Indexes Require all granted AllowOverride All </Directory> ``` ~~~ Access-Control-Allow-Origin:表示服务端允许的请求源,*标识任何外域; Access-Control-Allow-Credentials:false 表示是否允许发送Cookie,设置为true 同时,ajax请求设置withCredentials = true,浏览 器的cookie就能发送到服务端 Access-Control-Expose-Headers:调用getResponseHeader()方法时候,能从header中获 取的参数 * “预检”缓存时间,服务器设置响应头:Access-Control-Max-Age * “预检”请求时,允许请求方式则需服务器设置响应头:Access-Control-Request-Method ~~~ php部分 ~~~ if ($request->isOptions()) { return json(null,200); } 或 if (strtoupper($request->method()) == "OPTIONS") { header('HTTP/1.1 200 OK'); } ~~~ 获取自定义header信息 ``` php: $header``= apache_request_headers(); ``` 或 ~~~ tp5: $data=$request->header('shop_id'); ~~~