Background: You want to implement a cross-domain call interface, and then support the next call, with the ability to bring cookie information, and support cross-domain invocation of domain names from multiple sources.
1. This supports cross-domain calls from all domain names:
Cross-domain is not supported, browser error:
Add the appropriate protocol header to the API interface server:
Header ("Access-control-allow-origin: *",); Header (' Access-control-allow-headers:x-requested-with, Content-type ');
However, such API interfaces do not support cookies.
2. If you want to support cookies, you need to add
Header (' access-control-allow-credentials:true ');
However, in this case, the front of the server set the header, the browser will be error. Say it's access-control-allow-origin head. * This wildcard is not available.
Header ("Access-control-allow-origin: *",);
Browser error such as:
Must be changed to a specific domain name. However, our API also want to support the cross-domain access from many different domain names, how to do it, at this time, the server to do a dynamic judgment processing is OK.
<?php$ret = Array ( ' name ' = isset ($_post[' name '])? $_post[' name ']: ', ' gender ' = isset ($_post[') Gender '])? $_post[' gender '): Header (' Content-type:application:json;charset=utf8 '); $origin = Isset ($_server[' Http_origin ') ])? $_server[' http_origin ': '; $allow _origin = Array ( ' http://www.client.com ', ' http://www.client2.com '); if ( In_array ($origin, $allow _origin)) { header (' Access-control-allow-origin: '. $origin); Header (' Access-control-allow-methods:post '); Header (' Access-control-allow-headers:x-requested-with,content-type ');} echo Json_encode ($ret);? >
Reference: http://my.oschina.net/blogshi/blog/303758
Ajax implements API interface calls across domains