apaceh configuration:
<VirtualHost *:80> ServerAdmin xxx@qq.com DocumentRoot "C:/htdocs/demo" ServerName dev.dd.cn ##ErrorLog "logs/dummy-host.localhost-error.log" ##CustomLog "logs/dummy-host.localhost-access.log" combined <Directory "C:/htdocs/demo"> #Require all denied Header set Access-Control-Allow-Origin * </Directory> </VirtualHost>
PHP file settings:
<?php header("Access-Control-Allow-Origin:*"); //处理请求输出数据 ?>
The meaning of the configuration is to allow requests initiated by any domain to obtain the data of the current server. Of course, this is very dangerous, and malicious sites may attack our servers through XSS. Therefore, we should try our best to limit security sources in a targeted manner. For example, the following settings allow only the domain http://feng.com to access the server's API across domains.
httpd.conf:
<VirtualHost *:80> ServerAdmin xxx@qq.com DocumentRoot "C:/htdocs/demo" ServerName dev.dd.cn ##ErrorLog "logs/dummy-host.localhost-error.log" ##CustomLog "logs/dummy-host.localhost-access.log" combined <Directory "C:/htdocs/demo"> #Require all denied Header set Access-Control-Allow-Origin http://feng.com </Directory> </VirtualHost>
PHP file:
header("Access-Control-Allow-Origin:http://feng.com");
The above introduces the cross-domain implementation of php apache using cors, including aspects of the content. I hope it will be helpful to friends who are interested in PHP tutorials.