php跨域自定义密码验证
有时间我们想对跨域请求进行密码认证,密码正确就允许跨域,那么php怎么进行编写呢,我们来看看
前端跨域请求jquery中的ajax header设置一个通讯key,我取名叫clientinfo
<!DOCTYPE html> <html> <head> <meta charset="UTF-8"> <title>BFW NEW PAGE</title> <script id="bfwone" data="dep=jquery.17&err=0" type="text/javascript" src="http://repo.bfw.wiki/bfwrepo/js/bfwone.js"></script> <script type="text/javascript"> bready(function() { $.ajax( { url: '/', type: 'post', dateType: 'json', headers: { 'Content-Type': 'application/json;charset=utf8', 'clientinfo': 'bfw.wiki' }, success: function(data) { console.log("sucess"); }, error: function(data) { console.log("error"); } } ); }); </script> </head> <body> </body> </html>后端php获取clientinfo后进行对比,如果正确就允许跨域
<?php if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS') { header("Access-Control-Allow-Origin: *"); header("Access-Control-Allow-Headers:bfwajax,clientinfo,Origin, X-Requested-With, Content-Type, Accept, Authorization"); header('Access-Control-Allow-Methods: GET, POST, PUT,DELETE,OPTIONS,PATCH'); exit(); } if (isset($_SERVER['HTTP_CLIENTINFO']) && $_SERVER['HTTP_CLIENTINFO']=="bfw.wiki") { header("Access-Control-Allow-Origin: *"); header("Access-Control-Allow-Headers:bfwajax,clientinfo,Origin, X-Requested-With, Content-Type, Accept, Authorization"); header('Access-Control-Allow-Methods: GET, POST, PUT,DELETE,OPTIONS,PATCH'); header('Access-Control-Allow-Credentials: true'); } ?>
网友评论0