Extjs
只是跨域extjs并不需要特别的设置,但是默认并不支持cookie会话
app.js顶部加入
Ext.Ajax.setWithCredentials(true);
这项只能解决通过Ext.Ajax发起请求时发送Cookie的问题,proxy还要单独处理
要让proxy ajax默认发送cookie需要overrides Ext.data.proxy.Ajax,在overrides\data\proxy目录中创建Ajax.js,内容为
Ext.define('overrides.data.proxy.Ajax', {
override:'Ext.data.proxy.Ajax',
config: {
/**
* @cfg {Boolean} withCredentials
* This configuration is sometimes necessary when using cross-origin resource sharing.
* @accessor
*/
withCredentials: true
}
});
YII
index.php或controller中加入以下语句
if(isset($_SERVER['HTTP_ORIGIN']))
{
//$_SERVER['HTTP_X_REQUESTED_WITH']="XMLHttpRequest";
header("Access-Control-Allow-Origin: {$_SERVER['HTTP_ORIGIN']}");
header("Access-Control-Allow-Credentials: true");
}
if ($_SERVER['REQUEST_METHOD'] == 'OPTIONS')
{
if(isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']))
header("Access-Control-Allow-Methods: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_METHOD']}");
if (isset($_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']))
header("Access-Control-Allow-Headers: {$_SERVER['HTTP_ACCESS_CONTROL_REQUEST_HEADERS']}");
header('Access-Control-Max-Age: 86400');
//header("Access-Control-Allow-Methods: GET, POST, OPTIONS");
//header('Access-Control-Allow-Headers: Origin, X-Requested-With, Content-Type, Accept, Connection, User-Agent, Cookie, Authorization');
//header('Access-Control-Expose-Headers','Set-Cookie');
webapp()->end();
return;
}