设置响应头:
允许跨域的域
Access-Control-Allow-Origin: http://foo.example
允许跨域执行的方法
Access-Control-Allow-Methods: POST, GET, OPTIONS
允许跨域设置的头信息
Access-Control-Allow-Headers: X-PINGOTHER
允许访问Cookies
Access-Control-Allow-Credentials: true
参考:
https://developer.mozilla.org/En/HTTP_access_control
https://developer.mozilla.org/En/Server-Side_Access_Control
中文:
https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Access_control_CORS
https://developer.mozilla.org/zh-CN/docs/Web/HTTP/Server-Side_Access_Control