Home > Article > Backend Development > php apache uses cors to achieve cross-domain
php apache uses cors to achieve cross-domain
- 巴扎黑Original
- 2016-11-08 11:56:312271browse
apaceh configuration:
<VirtualHost *:80>
ServerAdmin xxx@qq.com
DocumentRoot "C:/htdocs/demo"
ServerName dev.dd.cn
##ErrorLog "logs/dummy-host.localhost-error.log"
##CustomLog "logs/dummy-host.localhost-access.log" combined
<Directory "C:/htdocs/demo">
#Require all denied
Header set Access-Control-Allow-Origin *
</Directory>
</VirtualHost>PHP file settings:
<?php
header("Access-Control-Allow-Origin:*");
//处理请求输出数据
?>The meaning of the configuration is to allow requests initiated by any domain to obtain the data of the current server. Of course, this is very dangerous, and malicious sites may attack our servers through XSS. Therefore, we should try our best to limit security sources in a targeted manner. For example, the following settings allow only the domain http://feng.com to access the server's API across domains.
httpd.conf:
<VirtualHost *:80>
ServerAdmin xxx@qq.com
DocumentRoot "C:/htdocs/demo"
ServerName dev.dd.cn
##ErrorLog "logs/dummy-host.localhost-error.log"
##CustomLog "logs/dummy-host.localhost-access.log" combined
<Directory "C:/htdocs/demo">
#Require all denied
Header set Access-Control-Allow-Origin http://feng.com
</Directory>
</VirtualHost>PHP file:
header("Access-Control-Allow-Origin:http://feng.com");Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:The reason why PHP calls Oracle stored procedure is not all variables bound.Next article:The reason why PHP calls Oracle stored procedure is not all variables bound.