In the current project, fineuploader, a pure HTML5 upload component, is used. During the development process, the upload service is placed separately under a specific subdomain. The domain set by the login cookie is under the root domain, and user login detection is performed in the back-end code. , I found that I was always redirected 302 to the non-logged-in page. After investigation, I found that it was caused by the ajax xhr request not containing cookies. After searching around on the Internet, I wrote
Native ajax request method:
1 2 3 4 |
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
|
Server-side settings:
header("Access-Control-Allow-Credentials: true");
header("Access-Control-Allow-Origin: http://www. xxx.com");
The back-end has been adjusted accordingly. Because the front-end involves fineuploader, I simply searched for the keyword withCredentials in its code, and then went to the official document to read it. There is cors configuration http: //docs.fineuploader.com/api/options.html#cors
Add the following configuration to the configuration line and it will be ok
Js code
1 2 3 4 5 |
|
After modification, the problem is solved.
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
