$domains = [
'http://www.aaa.com',
'http://www.bbb.com'
];
foreach ($domains as $v) {
header('Access-Control-Allow-Origin:'.$v);
}
if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
header('Access-Control-Allow-Headers:x-requested-with,content-type,token');
exit("ok");
}