关于跨域
- 禁止跨域实际上是服务端设置的一个 消息头
- 只能在服务端删除或者利用代理服务器删除
在php页面中允许跨域
<?php
// 特殊字段,允许跨域
header('Access-Control-Allow-Origin:*');
header('Access-Control-Allow-Headers:Content-Type');
header('Access-Control-Allow-Methods:GET,POST,PUT,DELETE,OPTIONS');
echo "\r\n##########get by ip.kms.app #############################\r\n";
echo file_get_contents('php://input');
echo "\r\n##########get by ip.kms.app #############################\r\n";
?>
- 上面这个页面接受任何来源的数据
- 会将接收到的数据
echo
出来
代理服务器修改
- 如果源站设置了禁止代理,此时代理功能会遇到这个问题(由客户端:浏览器检查)
- 可以利用apache的
header
模块进行修改
Header unset content-security-policy
- 上面这个配置主要是删除所有 安全限制,包括跨域请求
- 直接加到
VirtualHost
配置中就行
About cross-domains
- The prohibition of cross-domain is actually a message header set by the server
- can only be removed on the server side or with a proxy server
Allow cross-domains in php pages
<?php
// special field to allow cross-domain
header('Access-Control-Allow-Origin:*');
header('Access-Control-Allow-Headers:Content-Type');
header('Access-Control-Allow-Methods:GET,POST,PUT,DELETE,OPTIONS');
echo "\r\n##########get by ip.kms.app #############################\r\n";
echo file_get_contents('php://input');
echo "\r\n##########get by ip.kms.app #############################\r\n";
? >
- This page above accepts data from any source
- will
echo
out the received data
Proxy server modification
- If the source site is set to disable proxying, the proxy function will encounter this problem (checked by the client:browser)
- can be modified using apache's
header
module
Header unset content-security-policy
- The above configuration mainly removes all security restrictions, including cross-domain requests
- Just add it directly to the
VirtualHost
configuration