In fact, you do not set anything in the Yii framework, with different domain names directly call the API to Ajax
But to be so set Apache:
First, edit httpd.conf to remove this sentence Notes: LoadModule headers_module modules / mod_headers.so
Then add the header information in the file httpd-vhosts.config species
Header set Access-Control-Allow- Origin * - means that allow all domain names can be accessed
Header set Access-Control-Allow- Headers "access_token" - If you have custom request header, for example: access_token add this line
If you have a custom request headers, do not add it, it will error: Request header field access_token is not allowed by Access-Control-Allow-Headers
If you then make changes with jsonp or proxy way too much amount of engineering required, so use CORS this relatively simple and efficient technology. Compared to the way JOSP, CORS more efficient. JSONP because of its principle can only be achieved GET request, CORS support all types of HTTP requests. Use CORS, you can use an ordinary cross-domain ajax.
Header set Access-Control-Allow- Origin * meaning is configured to allow any requests initiated by the domain may retrieve the current data server. Of course, this is very dangerous, malicious sites might attack our servers via XSS. So we should try to have targeted the source of security restrictions, such as the following API set allows only http://123.com/ this field in order to cross-domain access server. Header set Access-Control-Allow- Origin http://123.com/
This is my httpd-vhosts.config file, set up three virtual directory, specific reference: https://blog.csdn.net/baidu_41327283/article/details/82668757
# Virtual Hosts
#
<VirtualHost *:80>
ServerName mysite1.com
ServerAlias mysite1.com
DocumentRoot "${INSTALL_DIR}/www/ourchildren/jzymaosida-childrenfront-master/childrenfront/web"
<Directory "${INSTALL_DIR}/www/ourchildren/jzymaosida-childrenfront-master/childrenfront/web/">
Options +Indexes +Includes +FollowSymLinks +MultiViews
AllowOverride All
Require all granted
Header set Access-Control-Allow-Origin *
Header set Access-Control-Allow-Headers "access_token"
</Directory>
</VirtualHost>
<VirtualHost *:80>
ServerName mysite2.com
ServerAlias mysite2.com
DocumentRoot "${INSTALL_DIR}/www/ourchildren/jzymaosida-our-children-web-develop/our-children-web/web"
<Directory "${INSTALL_DIR}/www/ourchildren/jzymaosida-our-children-web-develop/our-children-web/web/">
Options +Indexes +Includes +FollowSymLinks +MultiViews
AllowOverride All
Require all granted
Header set Access-Control-Allow-Origin *
Header set Access-Control-Allow-Headers "access_token"
</Directory>
</VirtualHost>
<VirtualHost *:80>
ServerName mysite3.com
ServerAlias mysite3.com
DocumentRoot "${INSTALL_DIR}/www/ourchildren/jzymaosida-our-children-back-end-children-v1/our-children-back-end/backend/web"
<Directory "${INSTALL_DIR}/www/ourchildren/jzymaosida-our-children-back-end-children-v1/our-children-back-end/backend/web/">
Options +Indexes +Includes +FollowSymLinks +MultiViews
AllowOverride All
Require all granted
Header set Access-Control-Allow-Origin *
Header set Access-Control-Allow-Headers "access_token"
</Directory>
</VirtualHost>