CORS can be used for cross-origin requests with different domain names.
1) place the following files in the requested project root directory (Root ):
Crossdomain. xml
- [HTML]View plaincopyprint?
- <? XML version = "1.0"?>
- <! Doctype cross-domain-policy system "./cross-domain-policy.dtd">
- <Cross-domain-Policy> <site-control permitted-Cross-Domain-policies = "all"/>
- <Allow-access-from domain = "*"/>
- <Allow-http-request-headers-from domain = "*" headers = "*"/>
- </Cross-Domain-Policy>
Cross-domain-policy.dtd
[HTML]View plaincopyprint?
- <? XML version = "1.0" encoding = "ISO-8859-1"?>
- <! -- Adobe DTD for Cross-Domain Policy files -->
- <! -- Copyright (c) 2008-2009, Adobe Systems Inc. -->
- <! Element Cross-Domain-Policy (site-control ?, Allow-access-from *, allow-http-request-headers-from *, allow-access-from-identity *)>
- <! Element site-control empty>
- <! ATTLIST site-control permitted-Cross-Domain-policies (all | by-Content-Type | by-ftp-filename | master-only | none) # required>
- <! Element allow-access-from empty>
- <! ATTLIST allow-access-from domain CDATA # required>
- <! ATTLIST allow-access-from to-ports CDATA # implied>
- <! ATTLIST allow-access-from secure (true | false) "true">
- <! Element allow-http-request-headers-from empty>
- <! ATTLIST allow-http-request-headers-from domain CDATA # required>
- <! ATTLIST allow-http-request-headers-FROM headers CDATA # required>
- <! ATTLIST allow-http-request-headers-from secure (true | false) "true">
- <! Element allow-access-from-Identity (signatory)>
- <! Element signatory (certificate)>
- <! Element certificate empty>
- <! ATTLIST certificate fingerprint CDATA # required>
- <! ATTLIST certificate fingerprint-algorithm CDATA # required>
- <! -- End of file. -->
Test that the two XML files can be accessed from http: // domain: Port/crossdomain. xml.
2) responseheader must be added to the target to be returned.Access-control-allow-Origin
Response. setheader ("Access-control-allow-Origin","*");
* Can be the domain name of the requester.
Reference: http://blog.csdn.net/hereiskxm/article/details/32093675
The browser intercepts the cross-origin request processing method-Firefox reports an error. The same-origin policy cannot read remote resources on xxx.