我在后端已经添加了header("Access-Control-Allow-Origin:*");,但是为什么前端使用js请求时还是出现
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://nichijou.org/x. (Reason: CORS header 'Access-Control-Allow-Origin' missing).
Cross-Origin Request Blocked: The Same Origin Policy disallows reading the remote resource at http://nichijou.org/x. (Reason: CORS request failed).很多浏览器都已经不支持使用
*来设置Access-Control-Allow-Origin了,正常的做法是header("Access-Control-Allow-Origin:".$_SERVER['HTTP_HOST']);如果需要传递 COOKIE 的话还需要搭配
Access-Control-Allow-Credentials: true这个头使用。具体可以看文档:https://developer.mozilla.org/en-US/docs/Web/HTTP/Server-Side_Access_Control
什么浏览器啊,版本号都列出来