为跨域ajax请求设置访问控制 [英] Setting up access-control for cross-domain ajax request
问题描述
我有三个子域,分别是 a.xyz.com、b.xyz.com、c.xyz.com.
现在,我有大约 20 个 ajax 请求要在 body onload 上进行a.xyz.com.
I have three sub-domains namely, a.xyz.com, b.xyz.com, c.xyz.com.
Now, I have about 20 ajax request to be made on body onload of a.xyz.com.
因此,我想到了在上述三个域之间平均分配 20 个请求.我通过 b.xyz.com
和 c.xyz.com
的 .htaccess 中的这段代码片段进行了尝试.然而,从 a.xyz.com 到任何其他子域的请求仍然被转储.
So, I thought of distributing 20 requests equally among the three domains above. I tried it through this piece of snippet in .htaccess of b.xyz.com
and c.xyz.com
. However, the request from a.xyz.com to any other sub-domain is still getting dumped.
<IfModule mod_headers.c>
<FilesMatch ".(php)$">
Header set Access-Control-Allow-Origin: http://a.xyz.com,http://b.xyz.com,http://b.xyz.com
Header set Access-Control-Allow-Methods : POST,GET,OPTIONS
</FilesMatch>
</IfModule>
我已将上述 .htaccess
文件放在我的子域 b.xyz.com
和 c.xyz.com
中.
I have placed the above .htaccess
file in my subdomains b.xyz.com
and c.xyz.com
.
那么,谁能预测我的方法有什么问题?
So, can anyone predict whats wrong in my approach ?
谢谢!
推荐答案
试试这个以允许所有 xyz.com 子域上的跨域:
Try this to allow cross domain on all xyz.com subdomains:
SetEnvIf Origin "http(s)?://(.+.)?(xyz.com)$" ORIGIN_DOMAIN=$0
<FilesMatch ".(php)$">
<IfModule mod_headers.c>
Header set Access-Control-Allow-Origin %{ORIGIN_DOMAIN}e env=ORIGIN_DOMAIN
Header set Access-Control-Allow-Methods "POST,GET,OPTIONS"
</IfModule>
</FilesMatch>
这篇关于为跨域ajax请求设置访问控制的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!