简体中文(ZH-CN)English(EN)繁体中文(ZH-TW)日本語(JA)한국어(KO)Melayu(MS)Français(FR)Deutsch(DE)
Home
Article
Q&A
Course
Topic
Download
Game
Dictionary
Recent Updates

Home  >  Article  >  php教程  >  Server-side cross-domain access (CROS) solution

Server-side cross-domain access (CROS) solution

高洛峰
高洛峰Original
2016-12-14 13:07:402550browse

通过设置Http Header方式允许跨域名请求

<?php
    header("Access-Control-Allow-Origin: http://www.requesting-page.com");
?>

more details

browser(client) side code examples:

https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS


server side code examples:

https://developer.mozilla.org/en-US/docs/Web/HTTP/Server-Side_Access_Control

怎样配置Apache 服务器允许跨域名请求

How do we fix cross domain scripting issue ?

The simple solution is to allow the server to which request is being made to server request to any domain or to a list of domains. The important thing to remember is that the changes are to be made in the server which is serving the  web service.

There are multiple ways to do it

1.  You change settings in your apache’s  httpd-vhosts.conf file ( I am using Apache 2.2 )

<VirtualHost *:80>
ServerAdmin webmaster@dummy-host.com
DocumentRoot “C:/apache-tomcat-6.0.29/webapps/myApplication”
ServerName skill-guru.com
ErrorLog “logs/skg1-error.log”
CustomLog “logs/skg1-access.log” common

Header set Access-Control-Allow-Origin “*”
<Directory “C:/apache-tomcat-6.0.29/webapps/myApplication”>
Options -Indexes FollowSymLinks
AllowOverride AuthConfig FileInfo
Order allow,deny
Allow from all
</Directory>
JkUnmount /*.jsp ajp13
</VirtualHost>

Now after you set the value in apache server and look at the header and would see
HTTP/1.1 200 OK
Date: Mon, 01 Dec 2008 00:23:53 GMT
Server: Apache/2.0.61
Access-Control-Allow-Origin: *
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/xml

怎样配置Tomcat 服务器允许跨域名请求


If you do not plan to use Apache and for some reasons using tomcat or any other similar web Container which supports filter, here is a ready made solution, Cors Filter

This gives you a servlet filter which is compatible with any Java Servlet 2.5+ web container.

Installation is very simple. Add the jar to your libraries

In you web.xml

add this line

<filter>
<filter-name>CORS</filter-name>
<filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CORS</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>


Statement:
The content of this article is voluntarily contributed by netizens, and the copyright belongs to the original author. This site does not assume corresponding legal responsibility. If you find any content suspected of plagiarism or infringement, please contact admin@php.cn
Previous article:PHP simulates logging into MSN and obtains user informationNext article:PHP simulates logging into MSN and obtains user information

Related articles

See more