How Ajax solves cross-domain issues

Cross-domain HTTP requests are required if you need to get data from different servers (different domain names).

Cross-domain requests are very common on Web pages. Many Web pages are uploaded from different servers into CSS, pictures, JS scripts and so on.

In modern browsers, for data security, all requests are strictly limited to the same domain name, and if you need to invoke data from different sites, you need to resolve them across domains.

The following PHP code runs the Web site used for cross-domain access.

Header ("access-control-allow-origin: *");

For example: The domain name of the client is client.runoob.com, and the requested domain name is server.runoob.com.

If you use AJAX access directly, you will get the following error:

XMLHttpRequest cannot load http://server.runoob.com/server.php. No ' Access-control-allow-origin ' header is present on the requested resource. Origin 'http://client.runoob.com' is therefore not allowed access.

1. Allow single domain access

To specify a domain name (http://client.runoob.com) for cross-domain access, simply add the following code to the http://server.runoob.com/server.php file header:

Header ('access-control-allow-origin:http://client.runoob.com');

2. Allow multiple domain names to be accessed

To specify multiple domain names (http://client1.runoob.com, http://client2.runoob.com, and so on) for cross-domain access, simply add the following code to the http://server.runoob.com/server.php file header:

$origin = Isset ($_server['Http_origin'])? $_server['Http_origin'] :"'; $allow _origin=Array ('http://client1.runoob.com',      'http://client2.runoob.com'  ); if(In_array ($origin, $allow _origin)) {Header ('Access-control-allow-origin:'. $origin); } 

3. Allow all domain names to access

To allow all domain access, simply add the following code to the http://server.runoob.com/server.php file header:

Header ('access-control-allow-origin:*'

How Ajax solves cross-domain issues