後端處理
$allow_url = [
0 => 'eva.com',
1 => 'localhost',
];
$refer = $_SERVER['HTTP_REFERER'];
$pattern = '/^(http|https):\/\/?([^\/]+)/i';
preg_match($pattern, $refer, $match);
$demain_name = $match[2];
if (in_array($demain_name, $allow_url)) {
header("Access-Control-Allow-Origin:{$match[1]}//{$demain_name}");
header("Access-Control-Allow-Credentials:true");
}
JS處理
$.ajax({
type: "POST",
url: SCOPE + "Home/Index/Index",
data: {
id: id
},
xhrFields: {
withCredentials: true
},
crossDomain: true,
async: true,
success: function(res) {
var res = JSON.parse(res);
if(res.errno == 0) {
alert(res.message);
window.location.href = 'index.html';
}
}
});