How PHP and UniApp implement cross-domain requests for data

How PHP and UniApp implement cross-domain requests for data

With the rapid development of the Internet, the development method of separating the front end and the back end has become mainstream. In this development method, the front-end is usually developed using the UniApp framework, while the back-end is usually developed using the PHP language. However, due to the browser's same-origin policy restrictions, the front-end cannot directly request data from the back-end across domains. This article will introduce how to use PHP and UniApp to implement cross-domain requests for data, and provide code examples.

1. UniApp code example

UniApp provides the uni.request() method for sending network requests. When sending a request, we need to set the header information, set the request method to OPTIONS and add two necessary header information: 'Origin' and 'Access-Control-Request-Method'. The specific code is as follows:

uni.request({
  url: 'http://example.com/api',
  method: 'OPTIONS',
  header: {
    'Origin': 'http://your.uniapp.com', // 你的UniApp域名
    'Access-Control-Request-Method': 'POST', // 请求方式
  },
  success: (res) => {
    // 执行后续操作
  },
  fail: (err) => {
    // 处理错误
  }
});

2. Code example on the PHP side

In PHP, we need to set the response header information to allow cross-domain requests. The specific code is as follows:

header('Access-Control-Allow-Origin: http://your.uniapp.com'); // 允许的UniApp域名
header('Access-Control-Allow-Methods: POST'); // 允许的请求方式
header('Access-Control-Allow-Headers: Origin, Content-Type'); // 允许的header头部信息

if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
  // 对OPTIONS请求进行处理
  exit;
}

// 对于其他请求进行处理
// ...

In the above code, we allow cross-domain requests for the UniApp domain name by setting the header, and also limit the allowed request methods and header information.

3. Security considerations

In actual development, in order to increase data security, we also need to consider security considerations for cross-domain requests. A common way is to add token verification to the request to ensure the legitimacy of the request.

UniApp side code example:

uni.request({
  url: 'http://example.com/api',
  method: 'POST',
  header: {
    'Origin': 'http://your.uniapp.com',
    'Access-Control-Request-Method': 'POST',
    'Authorization': 'Bearer ' + token, // token验证
  },
  success: (res) => {
    // 执行后续操作
  },
  fail: (err) => {
    // 处理错误
  }
});

PHP side code example:

// 进行token验证
$token = $_SERVER['HTTP_AUTHORIZATION'];

if (isValidToken($token)) {
  // token验证通过，处理请求
  // ...
} else {
  // token验证不通过，返回错误信息
  // ...
}

4. Summary

This article introduces the use of PHP and UniApp Methods for implementing cross-domain requests for data, and code examples are provided. In actual development, we can make appropriate modifications and expansions based on project needs and security considerations. Through reasonable cross-domain request settings, we can realize data interaction between the front end and the back end, improving development efficiency and user experience.

The above is the detailed content of How PHP and UniApp implement cross-domain requests for data. For more information, please follow other related articles on the PHP Chinese website!