站点通常采用cookie来保持用户的登陆状态。当涉及跨域访问保持登陆状态时,浏览器处于安全考虑默认是不会携带cookie,也不会跨域写入响应头里的cookie到本地。这时需要前后端配合来解决:
服务器端:
header("Access-Control-Allow-Origin: http://192.168.23.144:8080"); //允许的域
header("Access-Control-Allow-Credentials: true"); //允许跨域携带识别信息
SetCookie("MyCc","Val888",0,'/','192.168.23.144'); //set cookie
前端:
var xhr=new XMLHttpRequest()
xhr.open("POST","http://ai.test.com/dev/login",true)
xhr.withCredentials=true
xhr.onreadystatechange=function(){
if(xhr.readyState==4){
console.log(xhr.responseText)
}
}
xhr.send({mobile: "1300000001"})
不同框架有相应的config方式,以vue为例:
this.$http.post(this.url + "dev/suggest", {name: this.name},{withCredentials: true})
.then(function(res) {
console.log(res)
})