What is cross domain?
Cross-domain means that the browser cannot execute scripts from other websites. It is caused by the browser's same-origin policy, a security restriction imposed by the browser.
The so-called homology means that the domain name, protocol, and port are all the same. It doesn’t matter if you don’t understand. For example:
http://www.123.com/index.html calls http://www.123.com/server.php (non-cross-domain)
http://www.123.com/index.html calls http://www.456.com/server.php (the main domain name is different: 123/456, cross-domain)
http://abc.123.com/index.html calls http://def.123.com/server.php (subdomains are different: abc/def, cross-domain)
http://www.123.com:8080/index.html calls http://www.123.com:8081/server.php (different ports: 8080/8081, cross-domain)
http://www.123.com/index.html calls https://www.123.com/server.php (different protocols: http/https, cross-domain)
Please note: although both localhost and 127.0.0.1 point to this machine, they are also cross-domain.
When the browser executes a javascript script, it will check which page the script belongs to. If it is not a same-origin page, it will not be executed.
Solution:
1 、 JSONP :
The usage will not be repeated, but it should be noted that JSONP only supports GET requests, not POST requests.
2. Agent:
For example, www.123.com/index.html needs to call www.456.com/server.php, you can write an interface www.123.com/server.php, and use this interface to call www.456.com/ server.php and get the return value, and then return to index.html, this is a proxy mode. It is equivalent to bypassing the browser side, and naturally there is no cross-domain problem.
3. Modify the header on the PHP side (XHR2 method)
Add the following two sentences to the php interface script:
header('Access-Control-Allow-Origin:*');//Allow all origins to access
header('Access-Control-Allow-Method:POST,GET');//The way to allow access