tp5.1 前后端分离api开发时ajax跨域请求中请求头header需要注意的问题
前后端分离开发过程中,使用ajax做请求的时候需要注意几个问题
1.预请求OPTIONS问题
请求头代码改为
if($_SERVER['REQUEST_METHOD'] == 'OPTIONS'){
header('Access-Control-Allow-Origin:http://runapi.showdoc.cc');
header('Access-Control-Allow-Headers:Accept,Referer,Host,Keep-Alive,User-Agent,X-Requested-With,Cache-Control,Content-Type,Cookie,Token');
header('Access-Control-Allow-Credentials:true');
header('Access-Control-Allow-Methods:GET,POST,OPTIONS');
header('Access-Control-Max-Age:1728000');
header('Content-Type:text/plain charset=UTF-8');
header('Content-Length: 0', true);
header('status: 200');
header('HTTP/1.0 204 No Content');
exit;
}else{
header('Access-Control-Allow-Origin:http://runapi.showdoc.cc');
header('Access-Control-Allow-Credentials: true');
header("Access-Control-Allow-Methods:GET, POST, PUT,DELETE,POSTIONS");
header("Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Connection, User-Agent, Cookie,Token");
}
2.请求来源域名跨域问题
不指定请求来源地址参数为* header('Access-Control-Allow-Origin:*');
指定了请求来源地址的话,参数为地址域名 例如: header('Access-Control-Allow-Origin:http://www.xxx.com');
参考链接:https://www.freesion.com/article/99691422047/