js腳本ajax請求
news.xxx.com 請求www.xxx.com獲取登錄狀態信息
$.ajax({
type: "GET",
url: 'http://www.xxx.com/index.php?m=member&'+Math.random(),
data: {},
dataType: "Html",
xhrFields: {
withCredentials: true//爲真而執行跨域名請求
},
success: function(html){//返回登錄信息
$('ul.topmenu').html(html);
}
});
php服務器端
$allow_origin=array('news.xxx.com','m.xxx.com');
$origin = isset($_SERVER['HTTP_ORIGIN'])? $_SERVER['HTTP_ORIGIN'] : ''; //來源網址
if(in_array($origin.'/', $allow_origin)){
header('Access-Control-Allow-Origin:'.$origin); //允許的域名
header('Access-Control-Allow-Credentials:true');//是否允許請求帶有驗證信息
}