PHP server side handles cross-domain issues

Related recommendations: "PHP Tutorial"

At first, I only set

header('Access-Control-Allow-Origin:*');

at the beginning of the file and then reported an error

Request header field X-Requested-With is not allowed by Access-Control-Allow-Headers in preflight response.

Solution:

Settings at the beginning of the file

header('Access-Control-Allow-Origin:*');
header('Access-Control-Allow-Methods:OPTIONS, GET, POST'); // 允许option，get，post请求
header('Access-Control-Allow-Headers:x-requested-with'); // 允许x-requested-with请求头
后成功

The more confusing one is the setting of Access-Control-Allow-Headers. After reading this document, I understand

If the browser request includes the Access-Control-Request-Headers field, the Access-Control-Allow-Headers field is required. It is also a comma-separated string indicating all header fields supported by the server, not limited to the fields requested by the browser in "preflight".

Then I checked that the request header indeed included Access-Control-Request-Headers

Then the interface information was successfully returned

The above is the detailed content of PHP server side handles cross-domain issues. For more information, please follow other related articles on the PHP Chinese website!