欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页  >  php教程

服务器端跨域访问(CROS)解决方案

程序员文章站 2022-05-10 13:24:49
...
通过设置Http Header方式允许跨域名请求
<?php
    header("Access-Control-Allow-Origin: http://www.requesting-page.com");
?>

more details

browser(client) side code examples:

https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS


server side code examples:

https://developer.mozilla.org/en-US/docs/Web/HTTP/Server-Side_Access_Control

怎样配置Apache 服务器允许跨域名请求

How do we fix cross domain scripting issue ?

The simple solution is to allow the server to which request is being made to server request to any domain or to a list of domains. The important thing to remember is that the changes are to be made in the server which is serving the web service.

There are multiple ways to do it

1. You change settings in your apache’s httpd-vhosts.conf file ( I am using Apache 2.2 )

<VirtualHost *:80>
ServerAdmin webmaster@dummy-host.com
DocumentRoot “C:/apache-tomcat-6.0.29/webapps/myApplication”
ServerName skill-guru.com
ErrorLog “logs/skg1-error.log”
CustomLog “logs/skg1-access.log” common

Header set Access-Control-Allow-Origin “*”
<Directory “C:/apache-tomcat-6.0.29/webapps/myApplication”>
Options -Indexes FollowSymLinks
AllowOverride AuthConfig FileInfo
Order allow,deny
Allow from all
</Directory>
JkUnmount /*.jsp ajp13
</VirtualHost>

Now after you set the value in apache server and look at the header and would see
HTTP/1.1 200 OK
Date: Mon, 01 Dec 2008 00:23:53 GMT
Server: Apache/2.0.61
Access-Control-Allow-Origin: *
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/xml

怎样配置Tomcat 服务器允许跨域名请求


If you do not plan to use Apache and for some reasons using tomcat or any other similar web Container which supports filter, here is a ready made solution, Cors Filter

This gives you a servlet filter which is compatible with any Java Servlet 2.5+ web container.

Installation is very simple. Add the jar to your libraries

In you web.xml

add this line

<filter>
<filter-name>CORS</filter-name>
<filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
</filter>
<filter-mapping>
<filter-name>CORS</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
相关标签: CROS