原理:代码允许携带cookie
操作:
A.后端代码加header
header("Access-Control-Allow-Origin:www.aaa.com"); //允许跨域地址(*,域名,ip)
header('Access-Control-Allow-Credentials:true'); //允许客户端携带cookie,注意在此处为true时,上面一行域名不能设置为*,只能放域名或ip地址
header('Access-Control-Allow-Methods:GET, POST, OPTIONS');
B.前端ajax增加携带cookie
$.ajax({
type: "POST",
crossDomain: true, //允许跨域请求
xhrFields:{
withCredentials:true //跨域携带cookie
},
...
...
...
})