通過設置Http Header方式允許跨域名請求
<?php
header("Access-Control-Allow-Origin: http://www.requesting-page.com");
?>more details
browser(client) side code examples:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
server side code examples:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Server-Side_Access_Control
怎樣配置Apache 服務器允許跨域名請求
How do we fix cross domain scripting issue ?
The simple solution is to allow the server to which request is being made to server request to any domain or to a list of domains. The important thing to remember is that the changes are to be made in the server which is serving the web service.
There are multiple ways to do it
1. You change settings in your apache’s httpd-vhosts.conf file ( I am using Apache 2.2 )
<VirtualHost *:80>
ServerAdmin [email protected]
DocumentRoot “C:/apache-tomcat-6.0.29/webapps/myApplication”
ServerName skill-guru.com
ErrorLog “logs/skg1-error.log”
CustomLog “logs/skg1-access.log” commonHeader set Access-Control-Allow-Origin “*”
<Directory “C:/apache-tomcat-6.0.29/webapps/myApplication”>
Options -Indexes FollowSymLinks
AllowOverride AuthConfig FileInfo
Order allow,deny
Allow from all
</Directory>JkUnmount /*.jsp ajp13
</VirtualHost>
Now after you set the value in apache server and look at the header and would see
HTTP/1.1 200 OK
Date: Mon, 01 Dec 2008 00:23:53 GMT
Server: Apache/2.0.61
Access-Control-Allow-Origin: *
Keep-Alive: timeout=2, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/xml
怎樣配置Tomcat 服務器允許跨域名請求
If you do not plan to use Apache and for some reasons using tomcat or any other similar web container which supports filter, here is a ready made solution, Cors Filter
This gives you a servlet filter which is compatible with any Java Servlet 2.5+ web container.
Installation is very simple. Add the jar to your libraries
In you web.xml
add this line
<filter>
<filter-name>CORS</filter-name>
<filter-class>com.thetransactioncompany.cors.CORSFilter</filter-class>
</filter><filter-mapping>
<filter-name>CORS</filter-name>
<url-pattern>/*</url-pattern>
</filter-mapping>
轉載地址
http://www.skill-guru.com/blog/2011/02/04/adding-access-control-allow-origin-to-server-for-cross-domain-scripting/
http://www.skill-guru.com/blog/2011/02/23/cross-domain-scripting-settings-on-tomcat/