php跨域自定义密码验证
有时间我们想对跨域请求进行密码认证,密码正确就允许跨域,那么php怎么进行编写呢,我们来看看
前端跨域请求jquery中的ajax header设置一个通讯key,我取名叫clientinfo
<!DOCTYPE html>
<html>
<head>
<meta charset="UTF-8">
<title>BFW NEW PAGE</title>
<script id="bfwone" data="dep=jquery.17&err=0" type="text/javascript" src="http://repo.bfw.wiki/bfwrepo/js/bfwone.js"></script>
<script type="text/javascript">
bready(function() {
$.ajax(
{
url: '/',
type: 'post',
dateType: 'json',
headers: {
'Content-Type': 'application/json;charset=utf8', 'clientinfo': 'bfw.wiki'
},
success: function(data) {
console.log("sucess");
},
error: function(data) {
console.log("error");
}
}
);
});
</script>
</head>
<body>
</body>
</html>后端php获取clientinfo后进行对比,如果正确就允许跨域<?php
if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') {
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Headers:bfwajax,clientinfo,Origin, X-Requested-With, Content-Type, Accept, Authorization");
header('Access-Control-Allow-Methods: GET, POST, PUT,DELETE,OPTIONS,PATCH');
exit();
}
if (isset($_SERVER['HTTP_CLIENTINFO']) && $_SERVER['HTTP_CLIENTINFO']=="bfw.wiki") {
header("Access-Control-Allow-Origin: *");
header("Access-Control-Allow-Headers:bfwajax,clientinfo,Origin, X-Requested-With, Content-Type, Accept, Authorization");
header('Access-Control-Allow-Methods: GET, POST, PUT,DELETE,OPTIONS,PATCH');
header('Access-Control-Allow-Credentials: true');
}
?>
{{collectdata}}
网友评论0