JavaScript uses fetch to cross-domain requests by default without a cookie, which can cause the session to expire.
Fetch (URL, { ' POST ', ' include ', headers: { ' content-type ': ' Application/x-www-form-urlencoded ', }, body:JSON.stringify ({ data:options.data }) } )
Credentials: ' Include ' can be a fetch with cookies. But the problem comes.
Originally set header on server side (PHP server)
Header ("Access-control-allow-origin: *");
Will error:
A Wildcard ' * ' cannot be used in the ' Access-control-allow-origin ' header when the credentials flag is true. Origin ' http://localhost:8000 ' is therefore not allowed access.
You can see that the ' * ' is not allowed, then it is changed to access the domain name (here is the local call so it is http://localhost:8000)
Header ("access-control-allow-origin:http://localhost:8000");
After the change to send the request again, or error
Credentials flag is ' true ' and the ' access-control-allow-credentials ' header is '. It must is ' true ' to allow credentials. Origin ' http://localhost:8000 ' is therefore not allowed access.
Say ' access-control-allow-credentials head must be true, then continue to increase
Header ("Access-control-allow-credentials:true");
After the addition of the normal access, and the session is also available.
Ps:fetch There is a mode is no-cors, found after the return of the status is 0, after checking the information
no-cors
Mode is only to CDN content, such as scripts, CSS and image, you cannot be used for getting data, was right response.status = 0
behavior
No-cors mode can only be used to get CDN content, such as scripts, CSS files and pictures, if used to get data such as JSON format will return status=0
Session failure problem when JavaScript fetch cross-domain request